CVE-2007-4832

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2007-4832
Format string vulnerability in CellFactor Revolution 1.03 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a malformed nickname.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://aluigi.altervista.org/adv/cellfucktor-adv.txt Exploit
http://osvdb.org/40503
http://secunia.com/advisories/26765 Vendor Advisory
http://securityreason.com/securityalert/3130
http://www.securityfocus.com/bid/25625
http://www.vupen.com/english/advisories/2007/3109
https://exchange.xforce.ibmcloud.com/vulnerabilities/36506
Configurations

Configuration 1 (hide)

cpe:2.3:a:immersion_games:cellfactor_revolution:*:*:*:*:*:*:*:*
History

No history.

Information

Published : 2007-09-12 19:17

Updated : 2024-02-28 11:01

NVD link : CVE-2007-4832

Mitre link : CVE-2007-4832

CVE.ORG link : CVE-2007-4832

JSON object : View

Products Affected

immersion_games

  • cellfactor_revolution
CWE
CWE-134

Use of Externally-Controlled Format String


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024