VYPR
Unrated severityNVD Advisory· Published Aug 20, 2007· Updated Jun 16, 2026

CVE-2007-4426

CVE-2007-4426

Description

Live for Speed (LFS) S1 and S2 allows remote attackers to cause a denial of service (server crash) via (1) a certain 0x00 byte in a pre-login ID 3 packet, which triggers a NULL dereference; or (2) a pre-login ID 5 packet that lacks certain strings, which triggers an invalid pointer dereference.

Affected products

4
  • cpe:2.3:a:live_for_speed:live_for_speed:s1:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:live_for_speed:live_for_speed:s1:*:*:*:*:*:*:*
    • cpe:2.3:a:live_for_speed:live_for_speed:s2:*:*:*:*:*:*:*
    • (no CPE)range: S1 and S2
  • Aluigi/lfsbofllm-create

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.