CVE-2007-3917
Published Oct 11, 2007
Last updated 7 years ago
Overview
- Description
- The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service (crash) via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the truncate_message function in server/server.cpp. NOTE: this issue affects both clients and servers.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 6.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- CWE-134
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6F4D957E-7C2A-4062-A3DF-BD02E9CA5D43"
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D02358E6-E408-4A1C-A391-9F870625C5C6"
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "383AD5F9-7691-4DA8-9DD6-AAB110F54B51"
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51AF2340-3914-4411-BDC0-6B84548384B7"
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95688481-AC1B-4A58-90D3-E6E76D9E0011"
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3FF4FDE-AF17-4BCE-AFEC-CDA138B76231"
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "30C116EF-BD41-4820-8243-A680EEB70055"
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FADF53ED-10A0-4F03-8B8B-EE8CB4BDB9E6"
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8675995D-8CE9-4A5F-B8AB-E4C33C5EB6B7"
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "873FD0CA-4B14-4927-B430-52D24176FC8F"
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "61B37AA0-8114-4F1A-B9D5-3DFAF896E644"
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40A6BB07-3825-412F-9E1D-1C990767157C"
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7024803-04D0-476E-B2EB-347D2A4F0CB0"
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F467E7C6-B3A3-4BAC-A377-9CA52A85A669"
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2794D70A-2180-424E-BFC7-848413BBA6B0"
}
],
"operator": "OR"
}
]
}
]