Описание
Integer overflow in the NET_Compressor::Decompress function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (server crash) via a crafted packet with a 0xc1 value that contains no compressed data, which triggers a copy of a large amount of memory.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.0006 (включая)
cpe:2.3:a:stalker-game:s.t.a.l.k.e.r.\:_shadow_of_chernobyl:*:*:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.01896
Низкий
5 Medium
CVSS2
Дефекты
CWE-189
Связанные уязвимости
github
больше 3 лет назад
Integer overflow in the NET_Compressor::Decompress function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (server crash) via a crafted packet with a 0xc1 value that contains no compressed data, which triggers a copy of a large amount of memory.
EPSS
Процентиль: 83%
0.01896
Низкий
5 Medium
CVSS2
Дефекты
CWE-189