### [CVE-2007-4446](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4446)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Format string vulnerability in the server in Toribash 2.71 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the NICK command (client nickname) when entering a game.

### POC

#### Reference
- http://aluigi.org/poc/toribashish.zip
- http://securityreason.com/securityalert/3033

#### Github
No PoCs found on GitHub currently.