CVE-2004-0290

Buffer overflow in Purge Jihad 2.0.1 and earlier allows remote game servers to execute arbitrary code via an information packet that contains large (1) battle type and (2) map name fields.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.securityfocus.com/bid/9671	Exploit Vendor Advisory
http://purge.worthplaying.com/phpbb/viewtopic.php?t=1167
http://marc.info/?l=bugtraq&m=107695064204362&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/15216

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:freeform_interactive:purge:1.4.7:::::::*
	cpe:2.3:a:freeform_interactive:purge_jihad:2.0.1:::::::*

Information

Published : 2004-11-22 21:00

Updated : 2017-07-10 18:30

NVD link : CVE-2004-0290

Mitre link : CVE-2004-0290

JSON object : View

CWE

NVD-CWE-Other

Products Affected

freeform_interactive

purge_jihad
purge

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/9671", "name": "9671", "tags": ["Exploit", "Vendor Advisory"], "refsource": "BID"}, {"url": "http://purge.worthplaying.com/phpbb/viewtopic.php?t=1167", "name": "http://purge.worthplaying.com/phpbb/viewtopic.php?t=1167", "tags": [], "refsource": "CONFIRM"}, {"url": "http://marc.info/?l=bugtraq&m=107695064204362&w=2", "name": "20040216 Broadcast client buffer-overflow in Purge Jihad <= 2.0.1", "tags": [], "refsource": "BUGTRAQ"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15216", "name": "purge-battletype-map-bo(15216)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Buffer overflow in Purge Jihad 2.0.1 and earlier allows remote game servers to execute arbitrary code via an information packet that contains large (1) battle type and (2) map name fields."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2004-0290", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2004-11-23T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:freeform_interactive:purge:1.4.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freeform_interactive:purge_jihad:2.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-11T01:30Z"}

10.0 /10