Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a denial of service (crash) via the (1) load, (2) spy and (3) bomb functions.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-134,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| empire_server | empire_server | 4.2.12 |
| empire_server | empire_server | 4.2.23 |
| empire_server | empire_server | 4.2.10 |
| empire_server | empire_server | 4.2.17 |
| empire_server | empire_server | 4.2.20 |
| empire_server | empire_server | * |
| empire_server | empire_server | 4.2.15 |
| empire_server | empire_server | 4.2.11 |
| empire_server | empire_server | 4.2.13 |
| empire_server | empire_server | 4.2.14 |
| empire_server | empire_server | 4.2.16 |
| empire_server | empire_server | 4.2.22 |
| empire_server | empire_server | 4.2.21 |
| empire_server | empire_server | 4.2.18 |
| empire_server | empire_server | 4.2.19 |
The client_cmd function in Empire 4.3.2 and earlier allows remote attackers to cause a denial of service (application crash) by causing long text strings to be appended to the player->client buffer, which causes an invalid memory access.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| empire_server | empire_server | 4.3.2 |
| empire_server | empire_server | 4.3.0 |