Aggregates CVE and security vulnerability intelligence across all sierra-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk input validation, vendor risk buffer overflow, and vendor risk denial of service, with potential vendor impact unexpected behavior across vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2008-3286 | SWAT 4 1.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a (1) VERIFYCONTENT or (2) GAMECONFIG command sent to the server before user session initialization, which triggers a NULL pointer dereference; or (3) a GAMESPYRESPONSE command followed by a long RS string. | [email protected] | 5.0 | 8.79% | 2008-07-24 | 2026-04-23 |
| CVE-2001-0359 | Format string vulnerability in Sierra Half-Life build 1573 and earlier allows a remote attacker to execute arbitrary code via the map command. | [email protected] | 7.5 | 1.84% | 2001-06-27 | 2026-04-16 |
| CVE-2001-0358 | Buffer overflows in Sierra Half-Life build 1573 and earlier allow remote attackers to execute arbitrary code via (1) a long map command, (2) a long exec command, or (3) long input in a configuration file. | [email protected] | 7.5 | 3.21% | 2001-06-27 | 2026-04-16 |