CVE-2007-5250 Information

Description

The Windows dedicated server for the Unreal engine as used by America’s Army and America’s Army Special Forces 2.8.2 and earlier when Punkbuster (PB) is enabled allows remote attackers to cause a denial of service (server hang) via packets containing 0x07 characters or other unspecified invalid characters. NOTE: this issue may overlap CVE-2007-4443. NOTE: this issue might be in Punkbuster itself but there are insufficient details to be certain.

Reference

http://aluigi.altervista.org/adv/aaboompb-adv.txt http://aluigi.org/poc/aaboompb.zip http://secunia.com/advisories/27015 http://securityreason.com/securityalert/3193 http://www.securityfocus.com/archive/1/481227/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/36898