- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 28489
- Проверка EDB
-
- Пройдено
- Автор
- REVNIC VASILE
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-2006-4654
- Дата публикации
- 2006-09-04
Код:
source: https://www.securityfocus.com/bid/19842/info
Easy Address Book Web Server is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied data before including it in the format-specifier argument to a formatted-printing function.
This issue allows remote attackers to execute arbitrary machine code in the context of the affected server process, facilitating the complete compromise of affected computers. Failed exploit attempts will likely crash the service.
Easy Address Book Web Server version 1.2 is vulnerable to this issue; other versions may also be affected.
http://www.example.com/?%25n- Источник
- www.exploit-db.com
