Vulnerabilities > CVE-2008-6712 - Remote Denial of Service vulnerability in EA Crysis 1.1/1.2

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

exploit available

NVD

Published: 2009-04-10

Updated: 2018-10-11

Summary

The HTTP/XML-RPC service in Crysis 1.21 (game version 1.1.1.6156) and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request, which triggers a NULL pointer dereference.

Vulnerable Configurations

Part	Description	Count
Application	Ea EA Crysis 1.1 EA Crysis 1.2 EA Crysis *	3

Exploit-Db

description	Crysis 1.21 HTTP/XML-RPC Service Remote Denial of Service Vulnerability. CVE-2008-6712. Dos exploits for multiple platform
id	EDB-ID:31931
last seen	2016-02-03
modified	2008-06-16
published	2008-06-16
reporter	Luigi Auriemma
source	https://www.exploit-db.com/download/31931/
title	Crysis 1.21 - HTTP/XML-RPC Service Remote Denial of Service Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References