Vulnerability Details: CVE-2006-1402
Buffer overflow in client/server Doom (csDoom) 0.7 and earlier allows remote attackers to (1) cause a denial of service via a long nickname or teamname to the SV_SetupUserInfo function or (2) execute arbitrary code via a long string sent when joining a match or a long chat message to the SV_BroadcastPrintf function.
Vulnerability category: Overflow, Execute code, Denial of service
Products affected by CVE-2006-1402
- cpe:2.3:a:csdoom:csdoom:2005_0.7:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-1402
- 12.28%: Probability of exploitation activity in the next 30 days
- ~ 95%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-1402
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST | |
References for CVE-2006-1402
- http://www.securityfocus.com/bid/17248 (Exploit; Patch)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25448
- http://www.vupen.com/english/advisories/2006/1105
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25449
- http://aluigi.altervista.org/adv/csdoombof-adv.txt (Patch; Vendor Advisory)
- http://voxelsoft.com/csdoom/