Lucene search

[email protected]CVE-2006-3849

HistoryJul 25, 2006 - 11:04 p.m.

CVE-2006-3849

2006-07-2523:04:00

[email protected]

web.nvd.nist.gov

cve-2006-3849

buffer overflow

warzone 2100

warzone resurrection

remote code execution

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.139 Low

EPSS

Percentile

95.7%

JSON

Stack-based buffer overflow in Warzone 2100 and Warzone Resurrection 2.0.3 and earlier allows remote attackers to execute arbitrary code via a (1) long message handled by the recvTextMessage function in multiplay.c or a (2) long filename handled by NETrecvFile function in netplay/netplay.c.

Affected configurations

NVD

Node

pumpkin_studioswarzoneMatch2100

pumpkin_studioswarzone_resurrectionMatch2.0.3

CPENameOperatorVersion
pumpkin_studios:warzonepumpkin studios warzoneeq2100
pumpkin_studios:warzone_resurrectionpumpkin studios warzone resurrectioneq2.0.3

CPE	Name	Operator	Version
pumpkin_studios:warzone	pumpkin studios warzone	eq	2100
pumpkin_studios:warzone_resurrection	pumpkin studios warzone resurrection	eq	2.0.3

References

aluigi.altervista.org/adv/warzonebof-adv.txt

secunia.com/advisories/21474

securityreason.com/securityalert/1283

www.gentoo.org/security/en/glsa/glsa-200608-16.xml

www.securityfocus.com/archive/1/441039/100/0/threaded

www.securityfocus.com/bid/19118

www.vupen.com/english/advisories/2006/2943

exchange.xforce.ibmcloud.com/vulnerabilities/27910

exchange.xforce.ibmcloud.com/vulnerabilities/27915

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.139 Low

EPSS

Percentile

95.7%

JSON

Related for CVE-2006-3849

gentoo1 openvas2 nessus1 cvelist1 nvd1