Vulnerabilities > CVE-2007-4533 - Remote vulnerability in Vavoom

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

vavoom

nessus

exploit available

NVD

Published: 2007-08-25

Updated: 2017-07-29

Summary

Format string vulnerability in the Say command in sv_main.cpp in Vavoom 1.24 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a chat message, related to a call to the BroadcastPrintf function.

Vulnerable Configurations

Part	Description	Count
Application	Vavoom Vavoom Vavoom *	1

Exploit-Db

description	Vavoom 1.24 sv_main.cpp Say Command Remote Format String. CVE-2007-4533. Dos exploits for multiple platform
id	EDB-ID:30526
last seen	2016-02-03
modified	2007-08-24
published	2007-08-24
reporter	Luigi Auriemma
source	https://www.exploit-db.com/download/30526/
title	Vavoom 1.24 sv_main.cpp Say Command Remote Format String

Nessus

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2007-1977.NASL
description	Security update fixing various format strings vulnerabilities and a DOS vulnerability in the vavoom server, this fixes: CVE-2007-4533, CVE-2007-4534 & CVE-2007-4535. Also see bugzilla bug 256621. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	27741
published	2007-11-06
reporter	This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/27741
title	Fedora 7 : vavoom-1.24-3.fc7 (2007-1977)

Summary

Vulnerable Configurations

Exploit-Db

Nessus

References