What is CVE-2004-1373?

CVE-2004-1373 is a vulnerability in N/a. Published 2005-01-19.

Is CVE-2004-1373 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2004-1373

Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a…

EPSS: 0.869 (99.4th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

shoutcast-format-string(18669) (vdb-entry, x_refsource_XF)
12096 (vdb-entry, x_refsource_BID)
1012675 (vdb-entry, x_refsource_SECTRACK)
GLSA-200501-04 (vendor-advisory, x_refsource_GENTOO)
20041223 SHOUTcast remote format string vulnerability (mailing-list, x_refsource_BUGTRAQ)
20050219 exwormshoucast part of PTjob project: SHOUTcast v1.9.4 remote (mailing-list, x_refsource_BUGTRAQ)

Frequently asked questions

What is CVE-2004-1373?: CVE-2004-1373 is a vulnerability in N/a. Published 2005-01-19.
Is CVE-2004-1373 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.