CVE-2008-1127
First published: Mon Mar 03 2008(Updated: )
Format string vulnerability in the cryactio function in Crysis 1.1.1.5879 allows remote authenticated users to execute arbitrary code via format string specifiers in the user name, which is triggered when the game character is killed.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Crysis | =1.1.1.5879 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2008-1127?
CVE-2008-1127 is rated as a high severity vulnerability due to its potential to allow remote authenticated users to execute arbitrary code.
How do I fix CVE-2008-1127?
To fix CVE-2008-1127, update the Crysis game to the latest version that addresses this vulnerability.
What types of attacks are possible with CVE-2008-1127?
CVE-2008-1127 allows remote authenticated users to exploit format string vulnerabilities which can lead to arbitrary code execution.
Who is affected by CVE-2008-1127?
CVE-2008-1127 affects users of Crysis version 1.1.1.5879 who have remote authenticated access.
What software is vulnerable to CVE-2008-1127?
The specific software vulnerable to CVE-2008-1127 is Crysis version 1.1.1.5879.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/severity
- agent/last-modified-date
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/crytek
- canonical/crysis
- version/crysis/1.1.1.5879