Unrated severityNVD Advisory· Published Oct 8, 2007· Updated Apr 23, 2026

CVE-2007-5265

Description

Multiple format string vulnerabilities in websrv.cpp in Dawn of Time 1.69s beta4 and earlier allow remote attackers to execute arbitrary code via format string specifiers in the (1) username or (2) password fields when accessing certain "restricted zones", which are not properly handled by the (a) processWebHeader and (b) filterWebRequest functions.

Affected products

Dawnoftime/Dawn Of Time
cpe:2.3:a:dawnoftime:dawn_of_time:*:*:*:*:*:*:*:*
Range: <=1.69s_beta4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

aluigi.altervista.org/adv/dawnfs-adv.txtnvdExploit
www.securityfocus.com/bid/25944nvdExploit
secunia.com/advisories/27083nvdVendor Advisory
forums.dawnoftime.org/viewtopic.phpnvd
securityreason.com/securityalert/3201nvd
www.securityfocus.com/archive/1/481619/100/0/threadednvd
www.vupen.com/english/advisories/2007/3418nvd
exchange.xforce.ibmcloud.com/vulnerabilities/36973nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.012
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000