Vulnerabilities (CVE)

Filtered by vendor Live For Speed Subscribe
Filtered by product Live For Speed
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-4426 1 Live For Speed 1 Live For Speed 2024-02-04 5.0 MEDIUM N/A
Live for Speed (LFS) S1 and S2 allows remote attackers to cause a denial of service (server crash) via (1) a certain 0x00 byte in a pre-login ID 3 packet, which triggers a NULL dereference; or (2) a pre-login ID 5 packet that lacks certain strings, which triggers an invalid pointer dereference.
CVE-2007-4425 1 Live For Speed 1 Live For Speed 2024-02-04 6.0 MEDIUM N/A
Multiple buffer overflows in Live for Speed (LFS) demo, S1, and S2 allow remote authenticated users to (1) cause a denial of service (server crash) and probably execute arbitrary code via an ID 3 packet with a long nickname field, and (2) cause a denial of service (server crash) via an ID 10 packet containing a long string corresponding to an unavailable track.