Vulnerability CVE-2008-3492


Published: 2008-08-06   Modified: 2012-02-12

Description:
America's Army (aka AA or Army Game Project) 2.8.3.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted UDP packet, probably involving a VoiceIndex value that is outside of the range specified by VOICE_MAX_CHATTERS.

Type:

CWE-20

(Improper Input Validation)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
Americasarmy -> America's army 

 References:
http://aluigi.altervista.org/adv/armynchia-adv.txt
http://aluigi.org/poc/armynchia.zip
http://www.securityfocus.com/archive/1/495061/100/0/threaded
http://www.securityfocus.com/bid/30519
https://exchange.xforce.ibmcloud.com/vulnerabilities/44152

Copyright 2024, cxsecurity.com

 

Back to Top