Lucene search

[email protected]CVE-2007-6468

HistoryDec 20, 2007 - 12:46 a.m.

CVE-2007-6468

2007-12-2000:46:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-6468

buffer overflow

huffdecode

huffman encoded packet

remote code execution

denial of service

security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.053 Low

EPSS

Percentile

93.1%

JSON

Buffer overflow in the HuffDecode function in hw_utils/hwrcon/huffman.c and hexenworld/Client/huffman.c in Hammer of Thyrion 1.4.2 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted huffman encoded packet. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

hammer_of_thyrionhammer_of_thyrionMatch1.4.2

CPENameOperatorVersion
hammer_of_thyrion:hammer_of_thyrionhammer of thyrioneq1.4.2

CPE	Name	Operator	Version
hammer_of_thyrion:hammer_of_thyrion	hammer of thyrion	eq	1.4.2

References

osvdb.org/42641

secunia.com/advisories/28124

sourceforge.net/project/shownotes.php?release_id=562016&group_id=124987

uhexen2.cvs.sourceforge.net/uhexen2/hexenworld/Client/huffman.c?r1=1.24&r2=1.25

uhexen2.cvs.sourceforge.net/uhexen2/hw_utils/hwrcon/huffman.c?r1=1.18&r2=1.19

www.securityfocus.com/bid/26893

www.vupen.com/english/advisories/2007/4239

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.053 Low

EPSS

Percentile

93.1%

JSON

Related for CVE-2007-6468

prion1 cvelist1 nvd1