Valve Software : Security Vulnerabilities, CVEs, Published In October 2007
Off-by-one error in the GeoIP module in the AMX Mod X 1.76d plugin for Half-Life Server might allow attackers to execute arbitrary code or cause a denial of service via unspecified input related to geolocation, which triggers an error message from the (1) geoip_code2 or (2) geoip_code3 function, leading to a buffer overflow.
Max CVSS
7.5
EPSS Score
1.13%
Published
2007-10-30
Updated
2012-10-30
Cross-site scripting (XSS) vulnerability in auth.w in djeyl.net WebMod 0.48 Half-Life Dedicated Server plugin allows remote attackers to inject arbitrary web script or HTML via the redir parameter.
Max CVSS
4.3
EPSS Score
0.26%
Published
2007-10-16
Updated
2017-07-29
2 vulnerabilities found