https://www.exploit-db.com/exploits/25190
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200503-044

Carsten的3DEngine(Ca3DE)2004年3月版本及更早版本中存在格式化字符串漏洞，远程攻击者可以通过指令中的格式化字符串限定符执行任意代码。

source: http://www.securityfocus.com/bid/12727/info

Ca3DE is reported prone to multiple remote vulnerabilities. An attacker can exploit these issues to carry out format string and denial of service attacks.

The following specific issues were identified:

It is reported that all commands accepted by the server are affected by format string vulnerabilities.

A successful attack may result in crashing the application or lead to arbitrary code execution. This may facilitate unauthorized access or privilege escalation in the context of the application.

The application is also affected by a remote denial of service vulnerability.

Ca3DE versions released before March 2004 are affected by these issues. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/25190.zip

来源:BID
名称:12727
链接:http://www.securityfocus.com/bid/12727
来源:SECUNIA
名称:14483
链接:http://secunia.com/advisories/14483
来源:SECTRACK
名称:1013361
链接:http://securitytracker.com/id?1013361
来源:MISC
链接:http://aluigi.altervista.org/adv/ca3dex-adv.txt