Описание
The (1) sgetstr and (2) getint functions in Sauerbraten 2006_02_28, as derived from the Cube engine, allow remote attackers to cause a denial of service (segmentation fault) via long streams of input data that trigger an out-of-bounds read, as demonstrated using SV_EXT tag data in the Cube engine, which is not properly handled by getint.
Ссылки
- ExploitVendor Advisory
- Exploit
- ExploitVendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sauerbraten:cube:2005-08-09:*:*:*:*:*:*:*
cpe:2.3:a:sauerbraten:sauerbraten:2006-02-28:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.43683
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The (1) sgetstr and (2) getint functions in Sauerbraten 2006_02_28, as derived from the Cube engine, allow remote attackers to cause a denial of service (segmentation fault) via long streams of input data that trigger an out-of-bounds read, as demonstrated using SV_EXT tag data in the Cube engine, which is not properly handled by getint.
EPSS
Процентиль: 97%
0.43683
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other