Lucene search

[email protected]CVE-2007-5713

HistoryOct 30, 2007 - 7:46 p.m.

CVE-2007-5713

2007-10-3019:46:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2007-5713

geoip module

amx mod x

buffer overflow

denial of service

geolocation

arbitrary code

vulnerability

nvd

8.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.7%

JSON

Off-by-one error in the GeoIP module in the AMX Mod X 1.76d plugin for Half-Life Server might allow attackers to execute arbitrary code or cause a denial of service via unspecified input related to geolocation, which triggers an error message from the (1) geoip_code2 or (2) geoip_code3 function, leading to a buffer overflow.

CPENameOperatorVersion
amxmodx:amx_mod_xamxmodx amx mod xeq1.76d
valve_software:half-life_dedicated_servervalve software half-life dedicated servereq*

CPE	Name	Operator	Version
amxmodx:amx_mod_x	amxmodx amx mod x	eq	1.76d
valve_software:half-life_dedicated_server	valve software half-life dedicated server	eq	*

References

bugs.alliedmods.net/?do=details&task_id=519

osvdb.org/41980

secunia.com/advisories/27411

wiki.alliedmods.net/AMX_Mod_X_1.8.0_Changes

www.securityfocus.com/bid/26218

8.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.7%

JSON

Related for CVE-2007-5713

prion1 cvelist1