Lucene search

[email protected]CVE-2005-0906

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0906

2005-05-0204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-0906

buffer overflow

tincat network library

remote code execution

vulnerability

nvd

7.9 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.107 Low

EPSS

Percentile

95.0%

JSON

Buffer overflow in a player logging function in the Tincat network library 2.x before 2.0.28, as used in games such as Sacred and The Settlers: Heritage of Kings, allows remote attackers to execute arbitrary code.

CPENameOperatorVersion
instance_four:tincatinstance four tincateqrelease_2
ubi_soft:the_settlersheritage_of_kingsubi soft the settlersheritage of kingseq1.0_2
sacred:sacredsacredeq1.8.2.6

CPE	Name	Operator	Version
instance_four:tincat	instance four tincat	eq	release_2
ubi_soft:the_settlersheritage_of_kings	ubi soft the settlersheritage of kings	eq	1.0_2
sacred:sacred	sacred	eq	1.8.2.6

References

aluigi.altervista.org/adv/tincat2bof-adv.txt

secunia.com/advisories/14762

secunia.com/advisories/14767

www.securityfocus.com/archive/1/394404

www.securityfocus.com/bid/12912

7.9 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.107 Low

EPSS

Percentile

95.0%

JSON

Related for CVE-2005-0906

kaspersky1