CVE-2009-2549

Armed Assault (aka ArmA) 1.14 and earlier, and 1.16 beta, and Armed Assault II 1.02 and earlier allows remote attackers to cause a denial of service via a join packet with a final field whose value is (1) 0, which triggers a server crash related to memory allocation, or (2) 1, which triggers CPU/memory consumption and a NULL pointer dereference.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
VendorProductVersion
bistudioarma
𝑥
≤ 1.16_beta
bistudioarma
1.14
bistudioarma_2
𝑥
≤ 1.02
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://aluigi.altervista.org/adv/armazzo-adv.txt
http://www.vupen.com/english/advisories/2009/1951
http://aluigi.altervista.org/adv/armazzo-adv.txt
http://www.vupen.com/english/advisories/2009/1951