Vulnerabilities > CVE-2004-1500 - Remote Format String vulnerability in Monolith Lithtech Game Engine

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

local

low complexity

freeform-interactive

monolith-productions

exploit available

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to cause a denial of service (application crash) via format string specifiers in (1) a nickname or (2) a message.

Vulnerable Configurations

Part	Description	Count
Application	Freeform_Interactive Freeform Interactive Purge Jihad 2.2.1	1
Application	Monolith_Productions Monolith Productions Alien Versus Predator 2.1.0.9.6 Monolith Productions Blood 2.2.1 Monolith Productions Contract Jack 1.1 Monolith Productions Global Operations 2.0 Monolith Productions Global Operations 2.1 Monolith Productions Kiss Psycho Circus 1.13 Monolith Productions Legends OF Might AND Magic 1.1 Monolith Productions NO ONE Lives Forever 1.0.004 Monolith Productions NO ONE Lives Forever 2.1.3 Monolith Productions Sanity 1.0 Monolith Productions Shogo 2.2 Monolith Productions Tron 2.0.1.42	12

Exploit-Db

description	Monolith Lithtech Game Engine Multiple Remote Format String Vulnerabilities. CVE-2004-1500. Remote exploits for multiple platform
id	EDB-ID:24724
last seen	2016-02-02
modified	2004-11-05
published	2004-11-05
reporter	Luigi Auriemma
source	https://www.exploit-db.com/download/24724/
title	Monolith Lithtech Game Engine Multiple Remote Format String Vulnerabilities

Summary

Vulnerable Configurations

Exploit-Db

References