Lucene search

[email protected]CVE-2007-5464

HistoryOct 15, 2007 - 10:17 p.m.

CVE-2007-5464

2007-10-1522:17:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-5464

stack-based buffer overflow

live for speed

denial of service

remote authentication

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.064 Low

EPSS

Percentile

93.7%

JSON

Stack-based buffer overflow in Live for Speed 0.5X10 and earlier allows remote authenticated users to cause a denial of service (client crash) and possibly execute arbitrary code via a long skin name.

Affected configurations

NVD

Node

lfslive_for_speedRange≤0.5x10

lfslive_for_speedRange≤demo

lfslive_for_speedRange≤s1

lfslive_for_speedRange≤s2

CPENameOperatorVersion
lfs:live_for_speedlfs live for speedle0.5x10
lfs:live_for_speedlfs live for speedledemo
lfs:live_for_speedlfs live for speedles1
lfs:live_for_speedlfs live for speedles2

CPE	Name	Operator	Version
lfs:live_for_speed	lfs live for speed	le	0.5x10
lfs:live_for_speed	lfs live for speed	le	demo
lfs:live_for_speed	lfs live for speed	le	s1
lfs:live_for_speed	lfs live for speed	le	s2

References

aluigi.altervista.org/adv/lfscbof-adv.txt

secunia.com/advisories/27242

securityreason.com/securityalert/3234

www.securityfocus.com/archive/1/482249/100/0/threaded

www.securityfocus.com/bid/26066

exchange.xforce.ibmcloud.com/vulnerabilities/37191

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.064 Low

EPSS

Percentile

93.7%

JSON

Related for CVE-2007-5464

cvelist1 nvd1 prion1