CVE-2005-4610

Format string vulnerability in the server for Dopewars before 1.5.12, when running as an NT service, allows remote attackers to execute arbitrary code via unspecified attack vectors.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://sourceforge.net/project/shownotes.php?release_id=381793	Patch
http://www.securityfocus.com/bid/16104	Patch
http://secunia.com/advisories/18246	Patch Vendor Advisory
http://www.osvdb.org/22125
http://www.vupen.com/english/advisories/2006/0001

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:dopewars:dopewars:1.5:::::::*
	cpe:2.3:a:dopewars:dopewars:1.5.1:::::::*
	cpe:2.3:a:dopewars:dopewars:1.5_beta1:::::::*
	cpe:2.3:a:dopewars:dopewars:1.5_beta2:::::::*
	cpe:2.3:a:dopewars:dopewars:1.5.4:::::::*
	cpe:2.3:a:dopewars:dopewars:1.5.5:::::::*
	cpe:2.3:a:dopewars:dopewars:1.5.2:::::::*
	cpe:2.3:a:dopewars:dopewars:1.5.3:::::::*
	cpe:2.3:a:dopewars:dopewars:1.5.6:::::::*
	cpe:2.3:a:dopewars:dopewars:1.5.7:::::::*

Information

Published : 2005-12-30 21:00

Updated : 2011-03-07 18:28

NVD link : CVE-2005-4610

Mitre link : CVE-2005-4610

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

dopewars

dopewars

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://sourceforge.net/project/shownotes.php?release_id=381793", "name": "http://sourceforge.net/project/shownotes.php?release_id=381793", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/16104", "name": "16104", "tags": ["Patch"], "refsource": "BID"}, {"url": "http://secunia.com/advisories/18246", "name": "18246", "tags": ["Patch", "Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.osvdb.org/22125", "name": "22125", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.vupen.com/english/advisories/2006/0001", "name": "ADV-2006-0001", "tags": [], "refsource": "VUPEN"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Format string vulnerability in the server for Dopewars before 1.5.12, when running as an NT service, allows remote attackers to execute arbitrary code via unspecified attack vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2005-4610", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2005-12-31T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:dopewars:dopewars:1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:dopewars:dopewars:1.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:dopewars:dopewars:1.5_beta1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:dopewars:dopewars:1.5_beta2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:dopewars:dopewars:1.5.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:dopewars:dopewars:1.5.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:dopewars:dopewars:1.5.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:dopewars:dopewars:1.5.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:dopewars:dopewars:1.5.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:dopewars:dopewars:1.5.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2011-03-08T02:28Z"}