CVE-2006-6227

Опубликовано: 02 дек. 2006

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The Core::Receive function in neonet/core.cpp for NeoEngine 0.8.2 and earlier, and CVS 3422, allow remote attackers to cause a denial of service (engine crash) via a message with a large uiMessageLength that produces a failed memory allocation and a null pointer dereference.

Ссылки

http://aluigi.altervista.org/adv/neoenginex-adv.txt
Vendor Advisory
http://www.osvdb.org/27927
http://www.securiteam.com/securitynews/5MP0N2AIUC.html
Vendor Advisory
http://www.securityfocus.com/bid/18696
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/27529
http://aluigi.altervista.org/adv/neoenginex-adv.txt
Vendor Advisory
http://www.osvdb.org/27927
http://www.securiteam.com/securitynews/5MP0N2AIUC.html
Vendor Advisory
http://www.securityfocus.com/bid/18696
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/27529

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:neoengine:neoengine:0.8.2:*:*:*:*:*:*:*

EPSS

Процентиль: 79%

0.01306

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-r2f6-wx3g-r4jw

github

почти 4 года назад