CVE-2006-1618

Name of the Vulnerable Software and Affected Versions: Doomsday engine version 1.8.6

Description: The issue is related to a format string vulnerability in the Con message and conPrintf functions. This vulnerability allows remote attackers to execute arbitrary code via format string specifiers in an argument to the JOIN command, and possibly other command arguments.

Recommendations: For Doomsday engine version 1.8.6, consider disabling the JOIN command or restricting its use until a patch is available to prevent potential exploitation. Additionally, avoid using format string specifiers in command arguments to minimize the risk of arbitrary code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.