Lucene search

[email protected]NVD:CVE-2006-0771

HistoryFeb 18, 2006 - 9:02 p.m.

CVE-2006-0771

2006-02-1821:02:00

CWE-134

[email protected]

web.nvd.nist.gov

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

AI Score

7.8

Confidence

High

EPSS

0.093

Percentile

94.7%

JSON

Format string vulnerability in PunkBuster 1.180 and earlier, as used by Soldier of Fortune II and possibly other games, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in invalid cvar values, which are not properly handled when the server kicks the player and records the reason.

Affected configurations

Nvd

Node

even_balancepunkbusterRange≤1.180

VendorProductVersionCPE
even_balancepunkbuster*cpe:2.3:a:even_balance:punkbuster:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
even_balance	punkbuster	*	cpe:2.3:a:even_balance:punkbuster::::::::

References

aluigi.altervista.org/adv/sof2pbfs-adv.txt

archives.neohapsis.com/archives/fulldisclosure/2006-02/0372.html

secunia.com/advisories/18917

securityreason.com/securityalert/448

www.securityfocus.com/archive/1/425286/100/0/threaded

www.securityfocus.com/bid/16703

exchange.xforce.ibmcloud.com/vulnerabilities/24792

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

AI Score

7.8

Confidence

High

EPSS

0.093

Percentile

94.7%

JSON

Related for NVD:CVE-2006-0771

cvelist1 cve1 prion1