CVE-2004-1214

Kreed <1.05 - RCE

Title source: llm

Description

Format string vulnerability in Kreed 1.05 and earlier allows remote attackers to execute arbitrary code via format specifiers in (1) a nickname or (2) message text.

Exploits (1)

exploitdb WORKING POC

cdoswindows

https://www.exploit-db.com/exploits/672

View Code ZIP pw:eip

References (3)

[Mailing List] http://marc.info/?l=bugtraq&m=110201776207915&w=2

[Exploit, Vendor Advisory] http://www.securityfocus.com/bid/11799

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/18343

Scores

EPSS 0.0699

EPSS Percentile 91.5%

Details

Status published

Products (1)

burut/kreed 1.5

Published Jan 10, 2005

Tracked Since Feb 18, 2026