CVE-2005-3486

Scorched 3D 39.1 (bf) and earlier - Remote Code Execution via Format String Vulnerabilities

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-3486.

AI-analyzed exploit summary This exploit demonstrates multiple vulnerabilities in Scorched 3D <= 39.1, including format string and buffer overflow attacks. It provides functional code to trigger crashes or potential code execution via crafted network packets.

Description

Multiple format string vulnerabilities in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine, (2) ServerCommon::sendString, (3) ServerCommon::serverLog functions, and possibly other unspecified vectors.

Exploits (1)

exploitdb WORKING POC

cdoswindows

https://www.exploit-db.com/exploits/1285

View Code ZIP pw:eip

This exploit demonstrates multiple vulnerabilities in Scorched 3D <= 39.1, including format string and buffer overflow attacks. It provides functional code to trigger crashes or potential code execution via crafted network packets.

Classification

Working Poc 95%

Attack Type

Rce | Dos

Complexity

Moderate

Reliability

Reliable

Target: Scorched 3D <= 39.1

No auth needed

Prerequisites: Network access to the target server

MITRE ATT&CK