- Description
- Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attackers to execute arbitrary commands by injecting format strings into the changelevel command, via the system console or rcon.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:valve_software:half-life_dedicated_server:3.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0CA42F82-2F19-4253-B9B2-AED23607672E"
}
],
"operator": "OR"
}
]
}
]