Vulnerability Details CVE-2004-2371
Multiple Red Storm web-based games, including Ghost Recon 1.4 and earlier, Desert Siege, and The Sum of all Fears 1.1.1.0 and earlier, do not properly check return values from certain functions, which allows remote attackers to cause a denial of service (hang) via packets that contain text strings with incorrect size values.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 75.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://aluigi.altervista.org/adv/grboom-adv.txt
- http://www.securityfocus.com/archive/1/355051
- http://www.securityfocus.com/bid/9738
- http://www.zone-h.org/advisories/read/id=4038
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15305
- http://aluigi.altervista.org/adv/grboom-adv.txt
- http://www.securityfocus.com/archive/1/355051
- http://www.securityfocus.com/bid/9738
- http://www.zone-h.org/advisories/read/id=4038
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15305
Products affected by CVE-2004-2371
-
cpe:2.3:a:redstorm:desert_siege:*
-
cpe:2.3:a:redstorm:ghost_recon:1.4
-
cpe:2.3:a:redstorm:the_sum_of_all_fears:1.1.1.0