Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a .mp3 file.
Software | From | Fixed in |
---|---|---|
nullsoft / shoutcast_server | 1.9.4 | 1.9.4.x |