CVE-2007-4508

{"id": "CVE-2007-4508", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2007-08-23T19:17:00.000", "references": [{"url": "http://aluigi.altervista.org/adv/asurabof-adv.txt", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/39799", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24023", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/26571", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/3053", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/477357/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/25411", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/2955", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/2956", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36221", "source": "cve@mitre.org"}, {"url": "http://aluigi.altervista.org/adv/asurabof-adv.txt", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/39799", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/24023", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/26571", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securityreason.com/securityalert/3053", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/477357/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/25411", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/2955", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/2956", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36221", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in Rebellion Asura engine, as used for the server in Rogue Trooper 1.0 and earlier and Prism 1.1.1.0 and earlier, allows remote attackers to execute arbitrary code via a long string in a 0xf007 packet for the challenge B query."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en el motor Rebellion Asura, tal y como se utiliza para el servidor en Rogue Trooper 1.0 y anteriores y Prism 1.1.1.0 y anteriores, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una cadena larga en un paquete 0xf007 para la pregunta de reto B."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rebellion:rogue_trooper:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83D8B74F-D1A1-4EA2-A1AD-9996555B6553", "versionEndIncluding": "1.0"}, {"criteria": "cpe:2.3:a:rival_interactive:prism:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E71C1D69-2A87-4370-A4B4-0355B027B6BF", "versionEndIncluding": "1.1.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}