World in Conflict (WIC) 1.008 and earlier allows remote attackers to cause a denial of service (access violation and crash) via a zero-byte data block to TCP port 48000, which triggers a NULL pointer dereference.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Wic | Massive_entertainment | * | 1.008 (including) |
| Wic | Massive_entertainment | 1.000 (including) | 1.000 (including) |
| Wic | Massive_entertainment | 1.001 (including) | 1.001 (including) |
| Wic | Massive_entertainment | 1.002 (including) | 1.002 (including) |
| Wic | Massive_entertainment | 1.003 (including) | 1.003 (including) |
| Wic | Massive_entertainment | 1.005 (including) | 1.005 (including) |
| Wic | Massive_entertainment | 1.006 (including) | 1.006 (including) |
| Wic | Massive_entertainment | 1.007 (including) | 1.007 (including) |
References
- http://aluigi.altervista.org/adv/wicboom-adv.txt
- http://osvdb.org/46533
- http://secunia.com/advisories/30817
- http://www.securityfocus.com/archive/1/493596/100/0/threaded
- http://www.securityfocus.com/bid/29888
- http://www.vupen.com/english/advisories/2008/1901/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43289
- http://aluigi.altervista.org/adv/wicboom-adv.txt
- http://osvdb.org/46533
- http://secunia.com/advisories/30817
- http://www.securityfocus.com/archive/1/493596/100/0/threaded
- http://www.securityfocus.com/bid/29888
- http://www.vupen.com/english/advisories/2008/1901/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43289