Vulnerability Details CVE-2008-3324
The PartyGaming PartyPoker client program 121/120 does not properly verify the authenticity of updates, which allows remote man-in-the-middle attackers to execute arbitrary code via a Trojan horse update.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.4%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 7.6
References
- http://seclists.org/fulldisclosure/2008/Aug/0302.html
- http://www.securityfocus.com/archive/1/495724/100/0/threaded
- http://www.securityfocus.com/bid/30693
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44477
- http://seclists.org/fulldisclosure/2008/Aug/0302.html
- http://www.securityfocus.com/archive/1/495724/100/0/threaded
- http://www.securityfocus.com/bid/30693
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44477
Products affected by CVE-2008-3324
-
cpe:2.3:a:party_gaming:party_poker_client:121-120