CVE-2008-6704

Integer overflow in the NET_Compressor::Decompress function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (server crash) via a crafted packet with a 0xc1 value that contains no compressed data, which triggers a copy of a large amount of memory.
Configurations

Configuration 1 (hide)

cpe:2.3:a:stalker-game:s.t.a.l.k.e.r.\:_shadow_of_chernobyl:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:57

Type Values Removed Values Added
References () http://aluigi.altervista.org/adv/stalker39x-adv.txt - () http://aluigi.altervista.org/adv/stalker39x-adv.txt -
References () http://osvdb.org/46627 - () http://osvdb.org/46627 -
References () http://secunia.com/advisories/30891 - Vendor Advisory () http://secunia.com/advisories/30891 - Vendor Advisory
References () http://www.securityfocus.com/archive/1/493765 - () http://www.securityfocus.com/archive/1/493765 -
References () http://www.securityfocus.com/bid/29997 - () http://www.securityfocus.com/bid/29997 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/43456 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/43456 -

Information

Published : 2009-04-10 22:00

Updated : 2024-11-21 00:57


NVD link : CVE-2008-6704

Mitre link : CVE-2008-6704

CVE.ORG link : CVE-2008-6704


JSON object : View

Products Affected

stalker-game

  • s.t.a.l.k.e.r.\
CWE
CWE-189

Numeric Errors