CVE-2007-3917

Published Oct 11, 2007

Last updated 8 years ago

CVSS info 7.8

Overview

Description: The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service (crash) via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the truncate_message function in server/server.cpp. NOTE: this issue affects both clients and servers.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-134

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F4D957E-7C2A-4062-A3DF-BD02E9CA5D43"
          },
          {
            "criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D02358E6-E408-4A1C-A391-9F870625C5C6"
          },
          {
            "criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "383AD5F9-7691-4DA8-9DD6-AAB110F54B51"
          },
          {
            "criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51AF2340-3914-4411-BDC0-6B84548384B7"
          },
          {
            "criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "95688481-AC1B-4A58-90D3-E6E76D9E0011"
          },
          {
            "criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E3FF4FDE-AF17-4BCE-AFEC-CDA138B76231"
          },
          {
            "criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30C116EF-BD41-4820-8243-A680EEB70055"
          },
          {
            "criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FADF53ED-10A0-4F03-8B8B-EE8CB4BDB9E6"
          },
          {
            "criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8675995D-8CE9-4A5F-B8AB-E4C33C5EB6B7"
          },
          {
            "criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "873FD0CA-4B14-4927-B430-52D24176FC8F"
          },
          {
            "criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61B37AA0-8114-4F1A-B9D5-3DFAF896E644"
          },
          {
            "criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40A6BB07-3825-412F-9E1D-1C990767157C"
          },
          {
            "criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E7024803-04D0-476E-B2EB-347D2A4F0CB0"
          },
          {
            "criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F467E7C6-B3A3-4BAC-A377-9CA52A85A669"
          },
          {
            "criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2794D70A-2180-424E-BFC7-848413BBA6B0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References