source: https://www.securityfocus.com/bid/25436/info
Vavoom is prone to multiple remote vulnerabilities, including a buffer-overflow issue, a format-string issue, and a denial-of-service issue.
An attacker can exploit these issues to execute arbitrary code within the context of the affected application or crash the application, denying service to legitimate users.
Vavoom 1.24 is vulnerable; prior versions may also be affected.
For the format-string vulnerability, an attacker sends a chat message containing '%n%n%n%n%s' string.