← back
CVE-2009-2548

CVE-2009-2548

EPSS 4.4%
Format string vulnerability in Armed Assault (aka ArmA) 1.14 and earlier, and 1.16 beta, and Armed Assault II 1.02 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) nickname and (2) datafile fields in a join request, which is not properly handled when logging an error message.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://aluigi.altervista.org/adv/armazzofs-adv.txthttp://www.vupen.com/english/advisories/2009/1951