CVE-2006-0771
Gravedad CVSS v2.0:
MEDIA
Tipo:
CWE-134
Utilización de formatos de cadenas de control externo
Fecha de publicación:
18/02/2006
Última modificación:
03/04/2025
Descripción
*** Pendiente de traducción *** Format string vulnerability in PunkBuster 1.180 and earlier, as used by Soldier of Fortune II and possibly other games, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in invalid cvar values, which are not properly handled when the server kicks the player and records the reason.
Impacto
Puntuación base 2.0
6.40
Gravedad 2.0
MEDIA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:a:even_balance:punkbuster:*:*:*:*:*:*:*:* | 1.180 (incluyendo) |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- http://aluigi.altervista.org/adv/sof2pbfs-adv.txt
- http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0372.html
- http://secunia.com/advisories/18917
- http://securityreason.com/securityalert/448
- http://www.securityfocus.com/archive/1/425286/100/0/threaded
- http://www.securityfocus.com/bid/16703
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24792
- http://aluigi.altervista.org/adv/sof2pbfs-adv.txt
- http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0372.html
- http://secunia.com/advisories/18917
- http://securityreason.com/securityalert/448
- http://www.securityfocus.com/archive/1/425286/100/0/threaded
- http://www.securityfocus.com/bid/16703
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24792