SILC Client Format String Vulnerability

SILC Client is prone to a format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function.

An attacker may exploit this issue to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in a denial-of-service condition.

Versions prior to SILC Client 1.1.8 and SILC Toolkit 1.1.10 are affected.


 

Privacy Statement
Copyright 2010, SecurityFocus