PT-2010-1577 · Blizzard · Warcraft Iii: The Frozen Throne

Published

2010-04-20

Updated

2017-08-17

CVE-2009-4768

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Warcraft III: The Frozen Throne versions 1.24b and earlier

Description The issue allows user-assisted remote attackers to execute arbitrary code via a crafted custom map. This is related to an unspecified vulnerability in the JASS script interpreter.

Recommendations For versions 1.24b and earlier, update to a version later than 1.24b to resolve the issue. As a temporary workaround, consider avoiding the use of crafted custom maps until a patch is available.

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2009-4768

Affected Products

Warcraft Iii: The Frozen Throne

PT-2010-1577 · Blizzard · Warcraft Iii: The Frozen Throne

CVE-2009-4768

Weakness Enumeration

Related Identifiers

Affected Products

References · 5