PT-2005-3655 · Id · Lithium Ii Mod

Sinnull

Publicado

2005-09-02

Atualizado

2017-07-11

CVE-2005-2774

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Lithium II mod version 1.24 for Quake 2

Description The issue allows remote attackers to cause a denial of service, potentially leading to a server crash, and may also enable the execution of arbitrary code. This is achieved through the use of format string specifiers in the nickname.

Recommendations For Lithium II mod version 1.24, consider restricting or validating user input for the nickname field to prevent the use of malicious format string specifiers until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-2774

Produtos afetados

Lithium Ii Mod

PT-2005-3655 · Id · Lithium Ii Mod

CVE-2005-2774

Identificadores relacionados

Produtos afetados

Referências · 5