Integer overflow in the NET_Compressor::Decompress function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (server crash) via a crafted packet with a 0xc1 value that contains no compressed data, which triggers a copy of a large amount of memory.
References
Configurations
History
21 Nov 2024, 00:57
Type | Values Removed | Values Added |
---|---|---|
References | () http://aluigi.altervista.org/adv/stalker39x-adv.txt - | |
References | () http://osvdb.org/46627 - | |
References | () http://secunia.com/advisories/30891 - Vendor Advisory | |
References | () http://www.securityfocus.com/archive/1/493765 - | |
References | () http://www.securityfocus.com/bid/29997 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/43456 - |
Information
Published : 2009-04-10 22:00
Updated : 2024-11-21 00:57
NVD link : CVE-2008-6704
Mitre link : CVE-2008-6704
CVE.ORG link : CVE-2008-6704
JSON object : View
Products Affected
stalker-game
- s.t.a.l.k.e.r.\
CWE
CWE-189
Numeric Errors