Vulnerabilities > CVE-2007-4257 - Unspecified vulnerability in LFS Live for Speed Sp1/Sp2
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN lfs
exploit available
Summary
Multiple buffer overflows in Live for Speed (LFS) S1 and S2 allow user-assisted remote attackers to execute arbitrary code via (1) a .spr file (single player replay file) containing a long user name or (2) a .ply file containing a long number plate string, different vectors than CVE-2007-4140.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
description Live for Speed S1/S2/Demo (.spr file) Buffer Overflow Exploit. CVE-2007-4257. Local exploit for windows platform file exploits/windows/local/4263.cpp id EDB-ID:4263 last seen 2016-01-31 modified 2007-08-06 platform windows port published 2007-08-06 reporter n00b source https://www.exploit-db.com/download/4263/ title Live for Speed S1/S2/Demo - .spr Buffer Overflow Exploit type local description Live for Speed S1/S2/Demo (.ply file) Buffer Overflow Exploit. CVE-2007-4257. Local exploit for windows platform file exploits/windows/local/4262.cpp id EDB-ID:4262 last seen 2016-01-31 modified 2007-08-06 platform windows port published 2007-08-06 reporter n00b source https://www.exploit-db.com/download/4262/ title Live for Speed S1/S2/Demo - .ply Buffer Overflow Exploit type local
References
- http://osvdb.org/46768
- http://osvdb.org/46768
- http://osvdb.org/46769
- http://osvdb.org/46769
- http://www.securityfocus.com/bid/25206
- http://www.securityfocus.com/bid/25206
- http://www.securityfocus.com/bid/25208
- http://www.securityfocus.com/bid/25208
- https://www.exploit-db.com/exploits/4262
- https://www.exploit-db.com/exploits/4262
- https://www.exploit-db.com/exploits/4263
- https://www.exploit-db.com/exploits/4263