Published: 08/08/2007 Updated: 29/09/2017

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 690

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Multiple buffer overflows in Live for Speed (LFS) S1 and S2 allow user-assisted remote malicious users to execute arbitrary code via (1) a .spr file (single player replay file) containing a long user name or (2) a .ply file containing a long number plate string, different vectors than CVE-2007-4140.

Vulnerable Product	Search on Vulmon	Subscribe to Product
lfs live for speed sp1
lfs live for speed sp2

/** ***** ************************************************************************** 0day Live for speed patch x s2 /s1 and demo local ply File buffer over flow Live for speed ply file is a set up file,This file is shared amongst user's Who want stylish number plate's on there car's the buffer over flow happened with An overly long number plate ...

/** ***** ************************************************************************** 0day Live for speed patch x s2 /s1 and demo local Spr File buffer over flow Spr file's are also exploitable although i had to go about it a different Way,At first it wasn't possible to do a jmp esp,But with a little more buffer i Managed to get it to point to our ...

NVD-CWE-Other http://www.securityfocus.com/bid/25208 http://www.securityfocus.com/bid/25206 http://osvdb.org/46768 http://osvdb.org/46769 https://www.exploit-db.com/exploits/4263 https://www.exploit-db.com/exploits/4262 https://nvd.nist.gov https://www.exploit-db.com/exploits/4262/

CVE-2007-4257

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect