Vulnerability CVE-2005-0984


Published: 2005-05-02   Modified: 2012-02-12

Description:
Buffer overflow in the G_Printf function in Star Wars Jedi Knight: Jedi Academy 1.011 and earlier allows remote attackers to execute arbitrary code via a long message using commands such as (1) say and (2) tell.

Vendor: Lucasarts
Product: Star wars jedi knight jedi academy 
Version: 1.0.11;

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None

 References:
http://www.securityfocus.com/bid/12977
http://secunia.com/advisories/14809
http://aluigi.altervista.org/adv/jamsgbof-adv.txt
http://marc.theaimsgroup.com/?l=bugtraq&m=111246855213653&w=2

Related CVE
CVE-2005-0983
Quake 3 engine, as used in multiple games, allows remote attackers to cause a denial of service (client disconnect) via a long message, which is not properly truncated and causes the engine to process the remaining data as if it were network data.
CVE-2004-1194
Buffer overflow in Star Wars Battlefront 1.11 and earlier allows remote attackers to cause a denial of service (application crash) via a long nickname.
CVE-2004-1195
Star Wars Battlefront 1.11 and earlier allows remote attackers to cause a denial of service (application crash) via a join request that contains a memory address that causes the server to read arbitrary memory.

Copyright 2019, cxsecurity.com

 

Back to Top