Vulnerabilities > CVE-2007-5369 - Numeric Errors vulnerability in Massive Entertainment World in Conflict 1.000

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

massive-entertainment

CWE-189

NVD

Published: 2007-10-11

Updated: 2018-10-15

Summary

The GetMagicNumberString function in Massive Entertainment World in Conflict 1.000 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a string to the VoIP port (52999/tcp) with an invalid value in the third byte.

Vulnerable Configurations

Part	Description	Count
Application	Massive_Entertainment Massive Entertainment World IN Conflict 1.000	1

Common Weakness Enumeration (CWE)

CWE-189 - Numeric Errors

References

http://secunia.com/advisories/27157
http://securityreason.com/securityalert/3214
http://www.massive.se/Index.asp?nNewsId=1387
http://www.securityfocus.com/archive/1/481895/100/0/threaded
http://www.securityfocus.com/bid/25985
http://www.vupen.com/english/advisories/2007/3448
https://exchange.xforce.ibmcloud.com/vulnerabilities/37034