Launchpad.net

CVE 2005-3486

Multiple format string vulnerabilities in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine, (2) ServerCommon::sendString, (3) ServerCommon::serverLog functions, and possibly other unspecified vectors.

See the CVE page on Mitre.org for more details.

References