Lucene search

[email protected]CVE-2008-2106

HistoryMay 07, 2008 - 8:20 p.m.

CVE-2008-2106

2008-05-0720:20:00

CWE-20

[email protected]

web.nvd.nist.gov

cod4

call of duty 4

cod4 1.5

denial of service

crash

type 7 stats packet

memcpy

cve-2008-2106

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

6.2 Medium

AI Score

Confidence

High

0.17 Low

EPSS

Percentile

96.1%

JSON

Call of Duty 4 (CoD4) 1.5 and earlier allows remote authenticated users to cause a denial of service (crash) via a type 7 stats packet, which triggers a memcpy with a negative value.

Affected configurations

NVD

Node

activisioncall_of_duty_4Range≤1.5

CPENameOperatorVersion
activision:call_of_duty_4activision call of duty 4le1.5

CPE	Name	Operator	Version
activision:call_of_duty_4	activision call of duty 4	le	1.5

References

aluigi.altervista.org/adv/cod4statz-adv.txt

secunia.com/advisories/30050

securityreason.com/securityalert/3858

www.securityfocus.com/archive/1/491564/100/0/threaded

www.securityfocus.com/bid/29026

exchange.xforce.ibmcloud.com/vulnerabilities/42163

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

6.2 Medium

AI Score

Confidence

High

0.17 Low

EPSS

Percentile

96.1%

JSON

Related for CVE-2008-2106

prion1 cvelist1 nvd1