Vulnerability Details CVE-2004-1500
Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to cause a denial of service (application crash) via format string specifiers in (1) a nickname or (2) a message.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 79.3%
CVSS Severity
CVSS v2 Score 2.1
References
- http://aluigi.altervista.org/adv/lithfs-adv.txt
- http://marc.info/?l=bugtraq&m=109969394601331&w=2
- http://secunia.com/advisories/13116/
- http://secunia.com/advisories/17317
- http://www.securityfocus.com/bid/11610
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17972
- http://aluigi.altervista.org/adv/lithfs-adv.txt
- http://marc.info/?l=bugtraq&m=109969394601331&w=2
- http://secunia.com/advisories/13116/
- http://secunia.com/advisories/17317
- http://www.securityfocus.com/bid/11610
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17972
Products affected by CVE-2004-1500
-
cpe:2.3:a:freeform_interactive:purge_jihad:2.2.1
-
cpe:2.3:a:monolith_productions:alien_versus_predator:2.1.0.9.6
-
cpe:2.3:a:monolith_productions:blood:2.2.1
-
cpe:2.3:a:monolith_productions:contract_jack:1.1
-
cpe:2.3:a:monolith_productions:global_operations:2.0
-
cpe:2.3:a:monolith_productions:global_operations:2.1
-
cpe:2.3:a:monolith_productions:kiss_psycho_circus:1.13
-
cpe:2.3:a:monolith_productions:legends_of_might_and_magic:1.1
-
cpe:2.3:a:monolith_productions:no_one_lives_forever:1.0.004
-
cpe:2.3:a:monolith_productions:no_one_lives_forever:2.1.3
-
cpe:2.3:a:monolith_productions:sanity:1.0
-
cpe:2.3:a:monolith_productions:shogo:2.2
-
cpe:2.3:a:monolith_productions:tron:2.0.1.42