PT-2005-2677 · Black Caviar · Warrior Kings+1

Luigi Auriemma

Published

2005-05-24

Updated

2016-10-18

CVE-2005-1702

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Warrior Kings: Battles versions 1.23 and earlier Warrior Kings versions 1.3 and earlier

Description The issue allows remote attackers to execute arbitrary code via format string specifiers in a nickname. This can be exploited to gain unauthorized access and control.

Recommendations For Warrior Kings: Battles versions 1.23 and earlier, avoid using format string specifiers in nicknames until a patch is available. For Warrior Kings versions 1.3 and earlier, restrict the use of format string specifiers in nicknames to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-1702

Affected Products

Warrior Kings

Warrior Kings: Battles

PT-2005-2677 · Black Caviar · Warrior Kings+1

CVE-2005-1702

Related Identifiers

Affected Products

References · 8