Interactive Studio GamePort 3.0/3.1/4.0 - Arbitrary Application Execution

EDB-ID:

25013

CVE:

N/A




Platform:

Windows

Date:

2004-12-17


source: https://www.securityfocus.com/bid/12006/info

Gameport is reported prone to multiple vulnerabilities in the client and server. These issues may allow an attacker to gain unauthorized access to a vulnerable server and execute arbitrary code on a vulnerable client.

The following specific issues were reported:

An attacker can bypass the connection time limit restrictions imposed by a server.

A local attacker can gain access to a server's administrative password.

A server can execute arbitrary applications on a client. 

^^#CALL#:CMD.exe