Description
Call of Duty 4 (CoD4) 1.5 and earlier allows remote authenticated users to cause a denial of service (crash) via a type 7 stats packet, which triggers a memcpy with a negative value.
Affected products
References
- MISChttp://www.securityfocus.com/bid/29026
- VENDOR_ADVISORYhttp://secunia.com/advisories/30050
- MISChttp://securityreason.com/securityalert/3858
- MISChttp://www.securityfocus.com/archive/1/491564/100/0/threaded
- MISChttp://aluigi.altervista.org/adv/cod4statz-adv.txt
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/42163