Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1127


Vulnerability Score 6.0 6.0
CVE Id CVE-2008-1127
Last Modified 07 Mar 2011 10:05:59
Published 03 Mar 2008 06:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE



Format string vulnerability in the cryactio function in Crysis allows remote authenticated users to execute arbitrary code via format string specifiers in the user name, which is triggered when the game character is killed.

Vulnerable Systems


  • Crytek Crysis


VUPEN - ADV-2008-0735

BID - 28039

MILW0RM - 5201

SECUNIA - 29155

Last Updated: 27 May 2016 10:47:02