Vulnerabilities > CVE-2008-6712 - Remote Denial of Service vulnerability in EA Crysis 1.1/1.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The HTTP/XML-RPC service in Crysis 1.21 (game version 1.1.1.6156) and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request, which triggers a NULL pointer dereference.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Exploit-Db
description | Crysis 1.21 HTTP/XML-RPC Service Remote Denial of Service Vulnerability. CVE-2008-6712. Dos exploits for multiple platform |
id | EDB-ID:31931 |
last seen | 2016-02-03 |
modified | 2008-06-16 |
published | 2008-06-16 |
reporter | Luigi Auriemma |
source | https://www.exploit-db.com/download/31931/ |
title | Crysis 1.21 - HTTP/XML-RPC Service Remote Denial of Service Vulnerability |
References
- http://aluigi.org/poc/dontcrysis.txt
- http://archives.neohapsis.com/archives/fulldisclosure/2008-06/0211.html
- http://osvdb.org/46261
- http://secunia.com/advisories/30675
- http://www.securityfocus.com/archive/1/493385/100/0/threaded
- http://www.securityfocus.com/bid/29759
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43126