CVE-2013-6809 Information

Description

Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field.

Reference

http://osvdb.org/100511 http://packetstormsecurity.com/files/124275/Tftpd32-Client-Side-Format-String.html http://seclists.org/fulldisclosure/2013/Dec/15 https://exchange.xforce.ibmcloud.com/vulnerabilities/89455