Vulnerability Description
Multiple buffer overflows in Live for Speed (LFS) S1 and S2 allow user-assisted remote attackers to execute arbitrary code via (1) a .spr file (single player replay file) containing a long user name or (2) a .ply file containing a long number plate string, different vectors than CVE-2007-4140.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lfs | Live For Speed | sp1 |
References
- http://osvdb.org/46768
- http://osvdb.org/46769
- http://www.securityfocus.com/bid/25206
- http://www.securityfocus.com/bid/25208
- https://www.exploit-db.com/exploits/4262
- https://www.exploit-db.com/exploits/4263
- http://osvdb.org/46768
- http://osvdb.org/46769
- http://www.securityfocus.com/bid/25206
- http://www.securityfocus.com/bid/25208
- https://www.exploit-db.com/exploits/4262
- https://www.exploit-db.com/exploits/4263
FAQ
What is CVE-2007-4257?
CVE-2007-4257 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Multiple buffer overflows in Live for Speed (LFS) S1 and S2 allow user-assisted remote attackers to execute arbitrary code via (1) a .spr file (single player replay file) containing a long user name o...
How severe is CVE-2007-4257?
CVE-2007-4257 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-4257?
Check the references section above for vendor advisories and patch information. Affected products include: Lfs Live For Speed.