ID CVE-2006-1075
Summary Format string vulnerability in the visualization function in Jason Boettcher Liero Xtreme 0.62b and earlier allows remote attackers to execute arbitrary code via format string specifiers in (1) a nickname, (2) a dedicated server name, or (3) a mapname in a level (aka .lxl) file.
References
Vulnerable Configurations
  • cpe:2.3:a:jason_boettcher:liero_xtreme:0.56b_pack_1.7:*:*:*:*:*:*:*
    cpe:2.3:a:jason_boettcher:liero_xtreme:0.56b_pack_1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:jason_boettcher:liero_xtreme:0.62b:*:*:*:*:*:*:*
    cpe:2.3:a:jason_boettcher:liero_xtreme:0.62b:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 18-10-2018 - 16:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 16990
bugtraq 20060306 Multiple vulnerabilities in Liero Xtreme 0.62b
misc http://aluigi.altervista.org/adv/lieroxxx-adv.txt
secunia 19079
sreason 549
vupen ADV-2006-0849
xf liero-visualization-format-string(25187)
Last major update 18-10-2018 - 16:30
Published 09-03-2006 - 00:02
Last modified 18-10-2018 - 16:30
Back to Top