Format string vulnerability in Logger.cc for Spey 0.3.3 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a syslog call.
http://spey.cvs.sourceforge.net/spey/spey/src/Logger.cc?view=log