{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-24T14:20:37.870","vulnerabilities":[{"cve":{"id":"CVE-2025-34124","sourceIdentifier":"disclosure@vulncheck.com","published":"2025-07-16T22:15:23.840","lastModified":"2026-06-17T09:13:30.600","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A buffer overflow vulnerability exists in Heroes of Might and Magic III Complete 4.0.0.0, HD Mod 3.808 build 9, and Demo 1.0.0.0 via malicious .h3m map files that exploit object sprite name parsing logic. The vulnerability occurs during in-game map loading when a crafted object name causes a buffer overflow, potentially allowing arbitrary code execution. Exploitation requires the victim to open a malicious map file within the game."},{"lang":"es","value":"Existe una vulnerabilidad de desbordamiento de búfer en Heroes of Might and Magic III Complete 4.0.0.0, HD Mod 3.808 build 9 y Demo 1.0.0.0 mediante archivos de mapa .h3m maliciosos que explotan la lógica de análisis de nombres de sprites de objetos. La vulnerabilidad ocurre durante la carga de mapas dentro del juego cuando un nombre de objeto creado provoca un desbordamiento de búfer, lo que podría permitir la ejecución de código arbitrario. Para explotarla, la víctima debe abrir un archivo de mapa malicioso dentro del juego."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"The 3DO Company","product":"Heroes of Might and Magic III","defaultStatus":"unaffected","modules":[".h3m map file parser"],"platforms":["Windows"],"versions":[{"version":"Complete 4.0.0.0","status":"affected"},{"version":"HD Mod 3.808 build 9","status":"affected"},{"version":"Demo 1.0.0.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-07-17T19:34:38.937324Z","id":"CVE-2025-34124","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-94"},{"lang":"en","value":"CWE-121"}]}],"references":[{"url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/homm3_h3m.rb","source":"disclosure@vulncheck.com"},{"url":"https://www.exploit-db.com/exploits/37716","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/heroes-of-might-and-magic-iii-map-file-buffer-overflow","source":"disclosure@vulncheck.com"}]}}]}