CVE-2008-6704

2009-04-1015:00:00

mitre

www.cve.org

6.8 Medium

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.2%

JSON

Integer overflow in the NET_Compressor::Decompress function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (server crash) via a crafted packet with a 0xc1 value that contains no compressed data, which triggers a copy of a large amount of memory.

References

aluigi.altervista.org/adv/stalker39x-adv.txt

osvdb.org/46627

secunia.com/advisories/30891

www.securityfocus.com/archive/1/493765

www.securityfocus.com/bid/29997

exchange.xforce.ibmcloud.com/vulnerabilities/43456