Unrated severityNVD Advisory· Published Jan 10, 2005· Updated Apr 16, 2026

CVE-2004-1192

Description

Format string vulnerability in the lprintf function in Citadel/UX 6.27 and earlier allows remote attackers to execute arbitrary code via format string specifiers sent to the server.

Affected products

Citadel/Ux6 versions
cpe:2.3:a:citadel:ux:6.07:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:citadel:ux:6.07:*:*:*:*:*:*:*
- cpe:2.3:a:citadel:ux:6.08:*:*:*:*:*:*:*
- cpe:2.3:a:citadel:ux:6.23:*:*:*:*:*:*:*
- cpe:2.3:a:citadel:ux:6.24:*:*:*:*:*:*:*
- cpe:2.3:a:citadel:ux:6.26:*:*:*:*:*:*:*
- cpe:2.3:a:citadel:ux:6.27:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

marc.infonvd
marc.infonvd
www.nosystem.com.ar/advisories/advisory-09.txtnvd
exchange.xforce.ibmcloud.com/vulnerabilities/18429nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000