Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The GetMagicNumberString function in Massive Entertainment World in Conflict 1.000 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a string to the VoIP port (52999/tcp) with an invalid value in the third byte.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
World in Conflict GetMagicNumberString函数远程拒绝服务漏洞
Vulnerability Description
World in Conflict是Massive娱乐公司开发的一款RTS即时战略游戏。 World in Conflict处理畸形请求数据时存在漏洞,远程攻击者可能利用此漏洞导致服务器程序崩溃。 World in Conflict游戏服务器的GetMagicNumberString函数在VOIP端口52999上获得从客户端接受到数据的第三个字节,如果这个值有效的话就返回文本字符串,如果无效的话返回NULL,然后该函数的返回的字符串会与另一个字符串做比较,这里会出现空指针访问,导致服务器崩溃。
CVSS Information
N/A
Vulnerability Type
N/A