Back
CVE-2000-0969
Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attackers to execute arbitrary commands by injecting format strings into the changelevel command, via the system console or rcon.
Published: Dec 19, 2000
Modified: Apr 16, 2026
CVSS Metrics
Affected Products (1)
| Vendor | Product | Version |
|---|---|---|
| valve_software | half-life_dedicated_server | 3.1.3 |
GitHub Security Advisory GHSA-jrm7-fxfw-383p
Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote...
References (10)
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0254.html
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0409.html
- http://www.osvdb.org/6983
- http://www.securityfocus.com/archive/1/141060
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5413
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0254.html
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0409.html
- http://www.osvdb.org/6983
- http://www.securityfocus.com/archive/1/141060
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5413
Risk Scores
CVSS Score
10.0 / 10
EPSS Score
2.70%
Top 14% most likely to be exploited
Threat Score
40.8 / 100
Data Sources
NVD
EPSS
GitHub