Lucene search

[email protected]CVE-2007-4444

HistoryAug 21, 2007 - 12:17 a.m.

CVE-2007-4444

2007-08-2100:17:00

[email protected]

web.nvd.nist.gov

cve-2007-4444

buffer overflow

image space

rfactor

code execution

udp port

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.243 Low

EPSS

Percentile

96.6%

JSON

Multiple buffer overflows in Image Space rFactor 1.250 and earlier allow remote attackers to execute arbitrary code via a packet with ID (1) 0x80 or (2) 0x88 to UDP port 34297, related to the buffer containing the server version number.

Affected configurations

NVD

Node

rfactorrfactorMatch1150

rfactorrfactorMatch1250

CPENameOperatorVersion
rfactor:rfactorrfactoreq1150
rfactor:rfactorrfactoreq1250

CPE	Name	Operator	Version
rfactor:rfactor	rfactor	eq	1150
rfactor:rfactor	rfactor	eq	1250

References

aluigi.org/poc/rfactorx.zip

forum.racesimcentral.com/showthread.php?t=298659

secunia.com/advisories/26526

securityreason.com/securityalert/3037

www.rfactor.net/?page=news_09-26_1255

www.securityfocus.com/archive/1/477023/100/0/threaded

www.securityfocus.com/archive/1/480591/100/200/threaded

www.securityfocus.com/archive/1/480921/100/200/threaded

www.securityfocus.com/bid/25358

exchange.xforce.ibmcloud.com/vulnerabilities/36093

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.243 Low

EPSS

Percentile

96.6%

JSON

Related for CVE-2007-4444

nvd1 cvelist1 prion1