Vulnerability Description
The Windows dedicated server for the Unreal engine, as used by America's Army and America's Army Special Forces 2.8.2 and earlier, when Punkbuster (PB) is enabled, allows remote attackers to cause a denial of service (server hang) via packets containing 0x07 characters or other unspecified invalid characters. NOTE: this issue may overlap CVE-2007-4443. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Americasarmy | America\'S Army | <= 2.8.2 |
| Americasarmy | America\'S Army Special Forces | <= 2.8.2 |
Related Weaknesses (CWE)
References
- http://aluigi.altervista.org/adv/aaboompb-adv.txtExploit
- http://aluigi.org/poc/aaboompb.zipExploit
- http://secunia.com/advisories/27015
- http://securityreason.com/securityalert/3193
- http://www.securityfocus.com/archive/1/481227/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36898
- http://aluigi.altervista.org/adv/aaboompb-adv.txtExploit
- http://aluigi.org/poc/aaboompb.zipExploit
- http://secunia.com/advisories/27015
- http://securityreason.com/securityalert/3193
- http://www.securityfocus.com/archive/1/481227/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36898
FAQ
What is CVE-2007-5250?
CVE-2007-5250 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The Windows dedicated server for the Unreal engine, as used by America's Army and America's Army Special Forces 2.8.2 and earlier, when Punkbuster (PB) is enabled, allows remote attackers to cause a d...
How severe is CVE-2007-5250?
CVE-2007-5250 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5250?
Check the references section above for vendor advisories and patch information. Affected products include: Americasarmy America\'S Army, Americasarmy America\'S Army Special Forces.