6.7 Medium
AI Score
Confidence
High
4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.02 Low
EPSS
Percentile
89.0%
The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold Edition 5.00 does not properly NULL terminate certain long strings, which allows remote attackers (possibly authenticated) to cause a denial of service (application crash) via a long skin, weapon, or model name.
CPE | Name | Operator | Version |
---|---|---|---|
cor_entertainment:alien_arena_2006 | cor entertainment alien arena 2006 | eq | gold_5.00 |
aluigi.altervista.org/adv/aa2k6x-adv.txt
archives.neohapsis.com/archives/fulldisclosure/2006-03/0147.html
secunia.com/advisories/19144
www.osvdb.org/23749
www.securityfocus.com/archive/1/426984/100/0/threaded
www.securityfocus.com/bid/17028
www.vupen.com/english/advisories/2006/0882
exchange.xforce.ibmcloud.com/vulnerabilities/25201