World in Conflict GetMagicNumberString Function Remote Denial of Service Vulnerability

Bugtraq ID:	25985
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2007-5369
Remote:	Yes
Local:	No
Published:	Oct 09 2007 12:00AM
Updated:	May 07 2015 05:35PM
Credit:	Luigi Auriemma is credited with the discovery of this vulnerability.
Vulnerable:	Massive Entertainment World in Conflict 1.000
Not Vulnerable:	Massive Entertainment World in Conflict 1.001

World in Conflict GetMagicNumberString Function Remote Denial of Service Vulnerability

World in Conflict is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions.

An attacker could exploit this issue to crash the affected application, denying service to legitimate users.

This issue affects World in Conflict 1.000; other versions may also be affected.

World in Conflict GetMagicNumberString Function Remote Denial of Service Vulnerability

An attacker can exploit this issue using readily available networking tools.

World in Conflict GetMagicNumberString Function Remote Denial of Service Vulnerability

Solution:
The vendor released an update to address this issue. Please contact the vendor for information on how to obtain and apply this update.

World in Conflict GetMagicNumberString Function Remote Denial of Service Vulnerability

References:

• World in Conflict Homepage (Massive Entertainment)
  
• NULL pointer crash in World in Conflict 1.000 ([email protected])