Vulnerabilities > CVE-2007-4425 - Unspecified vulnerability in Live for Speed Live for Speed Demo/S1/S2
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Multiple buffer overflows in Live for Speed (LFS) demo, S1, and S2 allow remote authenticated users to (1) cause a denial of service (server crash) and probably execute arbitrary code via an ID 3 packet with a long nickname field, and (2) cause a denial of service (server crash) via an ID 10 packet containing a long string corresponding to an unavailable track.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
References
- http://aluigi.altervista/adv/lfsbof-adv.txt
- http://aluigi.altervista/adv/lfsbof-adv.txt
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065265.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065265.html
- http://secunia.com/advisories/26569
- http://secunia.com/advisories/26569
- http://securityreason.com/securityalert/3030
- http://securityreason.com/securityalert/3030
- http://www.securityfocus.com/archive/1/476516/100/0/threaded
- http://www.securityfocus.com/archive/1/476516/100/0/threaded
- http://www.securityfocus.com/bid/25327
- http://www.securityfocus.com/bid/25327
- http://www.vupen.com/english/advisories/2007/2975
- http://www.vupen.com/english/advisories/2007/2975
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36021
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36021