Arbitrary Code Execution via Format String Vulnerabilities in Tanne 0.6.17 Logger Function

Arbitrary Code Execution via Format String Vulnerabilities in Tanne 0.6.17 Logger Function

CVE-2003-1236 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Multiple format string vulnerabilities in the logger function in netzio.c for Tanne 0.6.17 allows remote attackers to execute arbitrary code via format string specifiers in syslog.

Learn more about our Web Application Penetration Testing UK.