Lucene search

[email protected]CVE-2009-2916

HistoryAug 21, 2009 - 11:30 a.m.

CVE-2009-2916

2009-08-2111:30:00

CWE-134

[email protected]

web.nvd.nist.gov

cve-2009-2916

format string vulnerability

cns_addtxt

logs.dll

2k games vietcong 2

remote code execution

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.02

Percentile

88.8%

JSON

Format string vulnerability in the CNS_AddTxt function in logs.dll in 2K Games Vietcong 2 1.10 and earlier might allow remote attackers to execute arbitrary code via format string specifiers in the nickname.

Affected configurations

NVD

Node

2kgamesvietcong_2Range≤1.10

VendorProductVersionCPE
2kgamesvietcong_2cpe:/a:2kgames:vietcong_2::::

Vendor	Product	Version	CPE
2kgames	vietcong_2		cpe:/a:2kgames:vietcong_2::::

References

aluigi.altervista.org/adv/vietcong2fs-adv.txt

osvdb.org/57002

secunia.com/advisories/36301

exchange.xforce.ibmcloud.com/vulnerabilities/52422

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.02

Percentile

88.8%

JSON

Related for CVE-2009-2916

prion1 nvd1 cvelist1