CVE-2025-34124

A buffer overflow vulnerability exists in Heroes of Might and Magic III Complete 4.0.0.0, HD Mod 3.808 build 9, and Demo 1.0.0.0 via malicious .h3m map files that exploit object sprite name parsing logic. The vulnerability occurs during in-game map loading when a crafted object name causes a buffer overflow, potentially allowing arbitrary code execution. Exploitation requires the victim to open a malicious map file within the game.

CVSS

No CVSS.

References

Link	Resource
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/homm3_h3m.rb
https://www.exploit-db.com/exploits/37716
https://www.vulncheck.com/advisories/heroes-of-might-and-magic-iii-map-file-buffer-overflow

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Existe una vulnerabilidad de desbordamiento de búfer en Heroes of Might and Magic III Complete 4.0.0.0, HD Mod 3.808 build 9 y Demo 1.0.0.0 mediante archivos de mapa .h3m maliciosos que explotan la lógica de análisis de nombres de sprites de objetos. La vulnerabilidad ocurre durante la carga de mapas dentro del juego cuando un nombre de objeto creado provoca un desbordamiento de búfer, lo que podría permitir la ejecución de código arbitrario. Para explotarla, la víctima debe abrir un archivo de mapa malicioso dentro del juego.

16 Jul 2025, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-16 22:15

Updated : 2026-04-15 00:35

NVD link : CVE-2025-34124

Mitre link : CVE-2025-34124

CVE.ORG link : CVE-2025-34124

JSON object : View

Products Affected

No product.

CWE

CWE-20

Improper Input Validation

CWE-94

Improper Control of Generation of Code ('Code Injection')

CWE-121

Stack-based Buffer Overflow

{"id": "CVE-2025-34124", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.4, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-07-16T22:15:23.840", "references": [{"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/homm3_h3m.rb", "source": "disclosure@vulncheck.com"}, {"url": "https://www.exploit-db.com/exploits/37716", "source": "disclosure@vulncheck.com"}, {"url": "https://www.vulncheck.com/advisories/heroes-of-might-and-magic-iii-map-file-buffer-overflow", "source": "disclosure@vulncheck.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-94"}, {"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability exists in Heroes of Might and Magic III Complete 4.0.0.0, HD Mod 3.808 build 9, and Demo 1.0.0.0 via malicious .h3m map files that exploit object sprite name parsing logic. The vulnerability occurs during in-game map loading when a crafted object name causes a buffer overflow, potentially allowing arbitrary code execution. Exploitation requires the victim to open a malicious map file within the game."}, {"lang": "es", "value": "Existe una vulnerabilidad de desbordamiento de b\u00fafer en Heroes of Might and Magic III Complete 4.0.0.0, HD Mod 3.808 build 9 y Demo 1.0.0.0 mediante archivos de mapa .h3m maliciosos que explotan la l\u00f3gica de an\u00e1lisis de nombres de sprites de objetos. La vulnerabilidad ocurre durante la carga de mapas dentro del juego cuando un nombre de objeto creado provoca un desbordamiento de b\u00fafer, lo que podr\u00eda permitir la ejecuci\u00f3n de c\u00f3digo arbitrario. Para explotarla, la v\u00edctima debe abrir un archivo de mapa malicioso dentro del juego."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "disclosure@vulncheck.com"}