Vulnerability CVE-2004-2371


Published: 2004-12-31   Modified: 2012-02-12

Description:
Multiple Red Storm web-based games, including Ghost Recon 1.4 and earlier, Desert Siege, and The Sum of all Fears 1.1.1.0 and earlier, do not properly check return values from certain functions, which allows remote attackers to cause a denial of service (hang) via packets that contain text strings with incorrect size values.

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
Redstorm -> Desert siege 
Redstorm -> Ghost recon 
Redstorm -> The sum of all fears 

 References:
http://xforce.iss.net/xforce/xfdb/15305
http://www.zone-h.org/advisories/read/id=4038
http://www.securityfocus.com/archive/1/355051
http://aluigi.altervista.org/adv/grboom-adv.txt
http://www.securityfocus.com/bid/9738

Copyright 2024, cxsecurity.com

 

Back to Top