CVE-2025-34124 Information
Jul 17, 2025
cve
Description
A buffer overflow vulnerability exists in Heroes of Might and Magic III Complete 4.0.0.0 HD Mod 3.808 build 9 and Demo 1.0.0.0 via malicious .h3m map files that exploit object sprite name parsing logic. The vulnerability occurs during in-game map loading when a crafted object name causes a buffer overflow potentially allowing arbitrary code execution. Exploitation requires the victim to open a malicious map file within the game.
Reference
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/homm3_h3m.rb https://www.exploit-db.com/exploits/37716 https://www.vulncheck.com/advisories/heroes-of-might-and-magic-iii-map-file-buffer-overflow
Related CNNVD
CNNVD-202507-2277 (Published: 2025-07-16)
Share on: