RSS   Podatności dla 'Babo violent'   RSS

2007-08-16
 
CVE-2007-4379

CWE-Other
 

 
Babo Violent 2 2.08.00 and earlier allows remote attackers to cause a denial of service (application crash) via (1) a value greater than 0x27 for the (a) 0xca, (b) 0xcb, (c) 0xcc, (d) 0xce, (e) 0xcf, or (f) 0xd0 data ID; (2) a nonexistent map name; or (3) a UDP packet that specifies a large data size.

 
 
CVE-2007-4378

CWE-Other
 

 
Multiple format string vulnerabilities in Babo Violent 2 2.08.00 and earlier allow remote attackers to execute arbitrary code via format string specifiers in (1) a message or (2) certain data associated with an admin login.

 
 
CVE-2007-4374

CWE-Other
 

 
Babo Violent 2 2.08.00 does not validate the sender field of a chat message composed by a client, which allows remote authenticated users to spoof messages.

 
 
CVE-2007-4373

CWE-Other
 

 
The server in Babo Violent 2 2.08.00 and earlier does not properly implement password protection, which might allow remote attackers to bypass authentication by reconnecting after a connection closes.

 


Copyright 2024, cxsecurity.com

 

Back to Top