RSS   Vulnerabilities for 'Dropteam'   RSS

2007-10-08
 
CVE-2007-5264

CWE-200
 

 
Battlefront Dropteam 1.3.3 and earlier sends the client's online account name and password to the game server, which allows malicious game servers to steal account information.

 
 
CVE-2007-5263

CWE-119
 

 
Multiple buffer overflows in Battlefront Dropteam 1.3.3 and earlier allow remote attackers to execute arbitrary code via (1) a crafted "0x5c" packet or (2) many 32-bit numbers in a "0x18" packet, or cause a denial of service (crash) via (3) a large "0x4b" packet.

 
 
CVE-2007-5262

CWE-134
 

 
Multiple format string vulnerabilities in Battlefront Dropteam 1.3.3 and earlier allow remote attackers to execute arbitrary code via format string specifiers in the (1) username, (2) password, and (3) nickname fields in a "0x01" packet.

 


Copyright 2024, cxsecurity.com

 

Back to Top