CVE-2009-2549

2022-10-0316:24:06

mitre

www.cve.org

armed assault

denial of service

remote attackers

server crash

memory allocation

cpu consumption

null pointer

6.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.9%

JSON

Armed Assault (aka ArmA) 1.14 and earlier, and 1.16 beta, and Armed Assault II 1.02 and earlier allows remote attackers to cause a denial of service via a join packet with a final field whose value is (1) 0, which triggers a server crash related to memory allocation, or (2) 1, which triggers CPU/memory consumption and a NULL pointer dereference.