CVE-2009-3924

Soldier of Fortune II - Buffer Overflow

Title source: llm
STIX 2.1

Description

Buffer overflow in pbsv.dll, as used in Soldier of Fortune II and possibly other applications when Even Balance PunkBuster 1.728 or earlier is enabled, allows remote attackers to cause a denial of service (application server crash) and possibly execute arbitrary code via a long restart packet.

References (4)

Core 4
Core References
Third Party Advisory x_refsource_misc
http://aluigi.altervista.org/adv/sof2pbbof-adv.txt
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/52400
Patch x_refsource_misc
http://aluigi.org/poc/sof2pbbof.zip
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/36221

Scores

EPSS 0.0395
EPSS Percentile 89.2%

Details

CWE
CWE-119
Status published
Products (9)
punkbuster/punkbuster 1.272
punkbuster/punkbuster 1.457
punkbuster/punkbuster 1.458
punkbuster/punkbuster 1.641
punkbuster/punkbuster 1.642
punkbuster/punkbuster 1.718
punkbuster/punkbuster 1.723
punkbuster/punkbuster < 1.728
raven_software/soldier_of_fortune_2
Published Nov 10, 2009
Tracked Since Feb 18, 2026