Format String Vulnerability in SHOUTcast by Nullsoft
CVE-2004-1373

Currently unrated

Key Information:

Vendor: Nullsoft
Status: Shoutcast Server
Vendor: CVE Published:; 23 December 2004

What is CVE-2004-1373?

A format string vulnerability exists in SHOUTcast 1.9.4, which allows remote attackers to exploit format string specifiers within a content URL. This can lead to application crashes or the execution of arbitrary code, particularly demonstrated through crafted .mp3 file names. Such vulnerabilities pose significant risks to system integrity and data security, marking the importance of updating affected software to mitigate these threats.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/18669

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/12096

vdb-entryx_refsource_BID

http://securitytracker.com/id?1012675

vdb-entryx_refsource_SECTRACK

EPSS Score

86% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Jan 7, 2005
Vulnerability published
Dec 23, 2004