Vulnerability Details : CVE-2008-3597
Skulltag before 0.97d2-RC6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) by sending a "command 29" packet when the player is not in the game.
Vulnerability category: Memory CorruptionDenial of service
Products affected by CVE-2008-3597
- cpe:2.3:a:skulltag:skulltag:*:*:*:*:*:*:*:*
- cpe:2.3:a:skulltag:skulltag:0.97d2:-:*:*:*:*:*:*
- cpe:2.3:a:skulltag:skulltag:0.97d2:rc2:*:*:*:*:*:*
- cpe:2.3:a:skulltag:skulltag:0.97d2:rc3:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2008-3597
3.50%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 86 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2008-3597
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST | |
|
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2008-3597
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
-
The product dereferences a pointer that it expects to be valid but is NULL.Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-3597
-
http://secunia.com/advisories/31427
About Secunia Research | FlexeraBroken Link;Vendor Advisory
-
http://www.vupen.com/english/advisories/2008/2325
Webmail: access your OVH emails on ovhcloud.com | OVHcloudBroken Link
-
http://aluigi.altervista.org/adv/skulltagod-adv.txt
Broken Link
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/44363
Skulltag command 29 denial of service CVE-2008-3597 Vulnerability ReportThird Party Advisory;VDB Entry
-
http://skulltag.com/forum/viewtopic.php?f=1&t=14716
Broken Link;Patch
Jump to