Vulnerability Description
Battlefront Dropteam 1.3.3 and earlier sends the client's online account name and password to the game server, which allows malicious game servers to steal account information.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Battlefront | Dropteam | <= 1.3.3 |
Related Weaknesses (CWE)
References
- http://aluigi.altervista.org/adv/dropteamz-adv.txt
- http://secunia.com/advisories/27107Vendor Advisory
- http://securityreason.com/securityalert/3202
- http://www.securityfocus.com/archive/1/481616/100/0/threaded
- http://www.securityfocus.com/bid/25943
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36978
- http://aluigi.altervista.org/adv/dropteamz-adv.txt
- http://secunia.com/advisories/27107Vendor Advisory
- http://securityreason.com/securityalert/3202
- http://www.securityfocus.com/archive/1/481616/100/0/threaded
- http://www.securityfocus.com/bid/25943
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36978
FAQ
What is CVE-2007-5264?
CVE-2007-5264 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Battlefront Dropteam 1.3.3 and earlier sends the client's online account name and password to the game server, which allows malicious game servers to steal account information.
How severe is CVE-2007-5264?
CVE-2007-5264 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5264?
Check the references section above for vendor advisories and patch information. Affected products include: Battlefront Dropteam.