PT-2008-4730 · Partygaming · Partypoker
Published
2008-08-18
·
Updated
2024-02-08
·
CVE-2008-3324
CVSS v2.0
7.6
High
| Vector | AV:N/AC:H/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
PartyGaming PartyPoker client program version 121/120
Description
The issue concerns the PartyGaming PartyPoker client program, which fails to properly verify the authenticity of updates. This allows remote man-in-the-middle attackers to execute arbitrary code via a Trojan horse update.
Recommendations
For version 121/120, update the client program to a version that properly verifies the authenticity of updates to prevent arbitrary code execution.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Partypoker