Lucene search

[email protected]CVE-2003-1381

HistoryOct 19, 2007 - 10:00 a.m.

CVE-2003-1381

2007-10-1910:00:00

CWE-134

[email protected]

web.nvd.nist.gov

amx

format string

vulnerability

valve software

half-life server

remote execution

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.4%

JSON

Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software’s Half-Life Server, allows remote attackers to execute arbitrary commands via format string specifiers in the amx_say command.

Affected configurations

NVD

Node

amxmod.netamx_modMatch0.9.2

CPENameOperatorVersion
amxmod.net:amx_modamxmod.net amx modeq0.9.2

CPE	Name	Operator	Version
amxmod.net:amx_mod	amxmod.net amx mod	eq	0.9.2

References

securityreason.com/securityalert/3258

www.securityfocus.com/archive/1/313273

www.securityfocus.com/bid/6968

exchange.xforce.ibmcloud.com/vulnerabilities/11427

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.4%

JSON

Related for CVE-2003-1381

nvd1 cvelist1