CVE-2007-5248 Information
Description
Multiple format string vulnerabilities in the ID Software Doom 3 engine as used by Doom 3 1.3.1 and earlier Quake 4 1.4.2 and earlier and Prey 1.3 and earlier when Punkbuster (PB) is enabled allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in (1) a PB_Y packet to the YPG server or (2) a PB_U packet to UCON. NOTE: this issue might be in Punkbuster itself but there are insufficient details to be certain.
Reference
http://aluigi.altervista.org/adv/d3engfspb-adv.txt http://aluigi.org/poc/d3engfspb.zip http://secunia.com/advisories/27002 http://secunia.com/advisories/27023 http://secunia.com/advisories/27036 http://securityreason.com/securityalert/3196 http://www.securityfocus.com/archive/1/481229/100/0/threaded http://www.securityfocus.com/bid/25893 http://www.vupen.com/english/advisories/2007/3333 https://exchange.xforce.ibmcloud.com/vulnerabilities/36899
Share on: