Lucene search

[email protected]CVE-2006-1402

HistoryMar 28, 2006 - 11:06 a.m.

CVE-2006-1402

2006-03-2811:06:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-1402

buffer overflow

doom

csdoom

remote attackers

denial of service

arbitrary code

nvd

8.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.092 Low

EPSS

Percentile

94.6%

JSON

Buffer overflow in client/server Doom (csDoom) 0.7 and earlier allows remote attackers to (1) cause a denial of service via a long nickname or teamname to the SV_SetupUserInfo function or (2) execute arbitrary code via a long string sent when joining a match or a long chat message to the SV_BroadcastPrintf function.

CPENameOperatorVersion
csdoom:csdoomcsdoomeq2005_0.7

CPE	Name	Operator	Version
csdoom:csdoom	csdoom	eq	2005_0.7

References

aluigi.altervista.org/adv/csdoombof-adv.txt

secunia.com/advisories/19389

voxelsoft.com/csdoom/

www.securityfocus.com/bid/17248

www.vupen.com/english/advisories/2006/1105

exchange.xforce.ibmcloud.com/vulnerabilities/25448

exchange.xforce.ibmcloud.com/vulnerabilities/25449

8.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.092 Low

EPSS

Percentile

94.6%

JSON

Related for CVE-2006-1402

prion1