Sierra: Security Vulnerabilities
SWAT 4 1.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a (1) VERIFYCONTENT or (2) GAMECONFIG command sent to the server before user session initialization, which triggers a NULL pointer dereference; or (3) a GAMESPYRESPONSE command followed by a long RS string.
CVSS Score
5.0
EPSS Score
0.064
Published
2008-07-24
Buffer overflows in Sierra Half-Life build 1573 and earlier allow remote attackers to execute arbitrary code via (1) a long map command, (2) a long exec command, or (3) long input in a configuration file.
CVSS Score
7.5
EPSS Score
0.032
Published
2001-06-27
Format string vulnerability in Sierra Half-Life build 1573 and earlier allows a remote attacker to execute arbitrary code via the map command.
CVSS Score
7.5
EPSS Score
0.018
Published
2001-06-27