Vulnerability Description
Buffer overflow in pbsv.dll, as used in Soldier of Fortune II and possibly other applications when Even Balance PunkBuster 1.728 or earlier is enabled, allows remote attackers to cause a denial of service (application server crash) and possibly execute arbitrary code via a long restart packet.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Raven Software | Soldier Of Fortune 2 | All versions |
| Punkbuster | Punkbuster | <= 1.728 |
Related Weaknesses (CWE)
References
- http://aluigi.altervista.org/adv/sof2pbbof-adv.txt
- http://aluigi.org/poc/sof2pbbof.zipPatch
- http://secunia.com/advisories/36221
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52400
- http://aluigi.altervista.org/adv/sof2pbbof-adv.txt
- http://aluigi.org/poc/sof2pbbof.zipPatch
- http://secunia.com/advisories/36221
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52400
FAQ
What is CVE-2009-3924?
CVE-2009-3924 is a vulnerability with a CVSS score of 9.3 (HIGH). Buffer overflow in pbsv.dll, as used in Soldier of Fortune II and possibly other applications when Even Balance PunkBuster 1.728 or earlier is enabled, allows remote attackers to cause a denial of ser...
How severe is CVE-2009-3924?
CVE-2009-3924 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-3924?
Check the references section above for vendor advisories and patch information. Affected products include: Raven Software Soldier Of Fortune 2, Punkbuster Punkbuster.