Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4426


Vulnerability Score 5.0 5.0
CVE Id CVE-2007-4426
Last Modified 07 Mar 2011 09:58:33
Published 20 Aug 2007 02:17:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Live for Speed (LFS) S1 and S2 allows remote attackers to cause a denial of service (server crash) via (1) a certain 0x00 byte in a pre-login ID 3 packet, which triggers a NULL dereference; or (2) a pre-login ID 5 packet that lacks certain strings, which triggers an invalid pointer dereference.

Vulnerable Systems


  • Live For Speed S1

  • Live For Speed S2


XF - lfs-memcpy-dos(36020)

XF - lfs-prelogin-dos(36019)

VUPEN - ADV-2007-2975

BUGTRAQ - 20070814 Multiple vulnerabilities in Live for Speed 0.5X10

SREASON - 3030

SECUNIA - 26569

Last Updated: 27 May 2016 10:45:52