Multiple buffer overflows in Live for Speed (LFS) S1 and S2 allow user-assisted remote attackers to execute arbitrary code via (1) a .spr file (single player replay file) containing a long user name or (2) a .ply file containing a long number plate string, different vectors than CVE-2007-4140.
7.7AI Score
0.129EPSS
Stack-based buffer overflow in Live for Speed 0.5X10 and earlier allows remote authenticated users to cause a denial of service (client crash) and possibly execute arbitrary code via a long skin name.
7.8AI Score
0.067EPSS