CVE-2008-6713

World in Conflict (WIC) 1.008 and earlier allows remote attackers to cause a denial of service (access violation and crash) via a zero-byte data block to TCP port 48000, which triggers a NULL pointer dereference.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://aluigi.altervista.org/adv/wicboom-adv.txt
http://osvdb.org/46533
http://secunia.com/advisories/30817	Vendor Advisory
http://www.securityfocus.com/archive/1/493596/100/0/threaded
http://www.securityfocus.com/bid/29888	Exploit
http://www.vupen.com/english/advisories/2008/1901/references	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/43289
http://aluigi.altervista.org/adv/wicboom-adv.txt
http://osvdb.org/46533
http://secunia.com/advisories/30817	Vendor Advisory
http://www.securityfocus.com/archive/1/493596/100/0/threaded
http://www.securityfocus.com/bid/29888	Exploit
http://www.vupen.com/english/advisories/2008/1901/references	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/43289

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:massive_entertainment:wic::::::::
	cpe:2.3:a:massive_entertainment:wic:1.000:::::::*
	cpe:2.3:a:massive_entertainment:wic:1.001:::::::*
	cpe:2.3:a:massive_entertainment:wic:1.002:::::::*
	cpe:2.3:a:massive_entertainment:wic:1.003:::::::*
	cpe:2.3:a:massive_entertainment:wic:1.005:::::::*
	cpe:2.3:a:massive_entertainment:wic:1.006:::::::*
	cpe:2.3:a:massive_entertainment:wic:1.007:::::::*

History

21 Nov 2024, 00:57

Type	Values Removed	Values Added
References	~~() http://aluigi.altervista.org/adv/wicboom-adv.txt -~~	() http://aluigi.altervista.org/adv/wicboom-adv.txt -
References	~~() http://osvdb.org/46533 -~~	() http://osvdb.org/46533 -
References	~~() http://secunia.com/advisories/30817 - Vendor Advisory~~	() http://secunia.com/advisories/30817 - Vendor Advisory
References	~~() http://www.securityfocus.com/archive/1/493596/100/0/threaded -~~	() http://www.securityfocus.com/archive/1/493596/100/0/threaded -
References	~~() http://www.securityfocus.com/bid/29888 - Exploit~~	() http://www.securityfocus.com/bid/29888 - Exploit
References	~~() http://www.vupen.com/english/advisories/2008/1901/references - Vendor Advisory~~	() http://www.vupen.com/english/advisories/2008/1901/references - Vendor Advisory
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/43289 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/43289 -

Information

Published : 2009-04-10 22:00

Updated : 2025-04-09 00:30

NVD link : CVE-2008-6713

Mitre link : CVE-2008-6713

CVE.ORG link : CVE-2008-6713

JSON object : View

Products Affected

massive_entertainment

CWE

CWE-399

Resource Management Errors

{"id": "CVE-2008-6713", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-04-10T22:00:00.797", "references": [{"url": "http://aluigi.altervista.org/adv/wicboom-adv.txt", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/46533", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/30817", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/493596/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/29888", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/1901/references", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43289", "source": "cve@mitre.org"}, {"url": "http://aluigi.altervista.org/adv/wicboom-adv.txt", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/46533", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/30817", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/493596/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/29888", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2008/1901/references", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43289", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-399"}]}], "descriptions": [{"lang": "en", "value": "World in Conflict (WIC) 1.008 and earlier allows remote attackers to cause a denial of service (access violation and crash) via a zero-byte data block to TCP port 48000, which triggers a NULL pointer dereference."}, {"lang": "es", "value": "World in Conflict (WIC) v1.008 y anteriores permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (violaci\u00f3n de acceso y ca\u00edda) a trav\u00e9s de un block de datos zero-byte al puerto 48000 TCP, lo que provoca una desreferenciaci\u00f3n de puntero nulo.\r\n"}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:massive_entertainment:wic:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF6A7B57-F319-45D9-B4B7-7C2D327BAD93", "versionEndIncluding": "1.008"}, {"criteria": "cpe:2.3:a:massive_entertainment:wic:1.000:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42A169F0-0538-4F86-BBEA-364C4CCE9C03"}, {"criteria": "cpe:2.3:a:massive_entertainment:wic:1.001:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74AD4BBF-BDEF-4E28-8193-FDE28DA82C65"}, {"criteria": "cpe:2.3:a:massive_entertainment:wic:1.002:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9315BFF-078B-434B-9076-EFD3A7F730AA"}, {"criteria": "cpe:2.3:a:massive_entertainment:wic:1.003:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BB1DFA1-138A-4998-AD04-F0CDA3F20C30"}, {"criteria": "cpe:2.3:a:massive_entertainment:wic:1.005:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03B5DF66-1148-4B88-9C6C-AE1D06355202"}, {"criteria": "cpe:2.3:a:massive_entertainment:wic:1.006:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6845BCF6-1E2D-4D77-AFEC-900B5BE61747"}, {"criteria": "cpe:2.3:a:massive_entertainment:wic:1.007:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0D85DC2-9367-4213-89DD-B81B89BE0403"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

5.0 /10