Empire Server: Security Vulnerabilities
The files utility in Empire Server before 4.3.15 discloses the world creation time, which makes it easier for attackers to determine the PRNG seed.
CVSS Score
5.0
EPSS Score
0.003
Published
2008-07-14
Multiple heap-based buffer overflows in Empire Server before 4.3.15 allow remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to a "coordinate normalization bug." NOTE: some of these details are obtained from third party information.
CVSS Score
10.0
EPSS Score
0.031
Published
2008-07-14
The client_cmd function in Empire 4.3.2 and earlier allows remote attackers to cause a denial of service (application crash) by causing long text strings to be appended to the player->client buffer, which causes an invalid memory access.
CVSS Score
5.0
EPSS Score
0.109
Published
2006-05-16
Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a denial of service (crash) via the (1) load, (2) spy and (3) bomb functions.
CVSS Score
6.4
EPSS Score
0.008
Published
2006-04-19