CVE-2008-6702

Stalker-game S.t.a.l.k.e.r. < 1.0006 - Improper Input Validation

Title source: rule

Description

S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (crash) via a long nickname, which triggers an exception.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Luigi Auriemma · cdosmultiple

https://www.exploit-db.com/exploits/31919

View Code ZIP pw:eip

References (7)

[Exploit] http://aluigi.altervista.org/adv/stalkerboom-adv.txt

[Vendor Advisory] http://secunia.com/advisories/30707

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/493366/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/29723

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/29997

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/43132

[Third Party Advisory, VDB Entry] http://osvdb.org/46432

Scores

EPSS 0.1163

EPSS Percentile 93.7%

Details

CWE

CWE-20

Status published

Products (1)

stalker-game/s.t.a.l.k.e.r.\ < 1.0006

Published Apr 10, 2009

Tracked Since Feb 18, 2026