Описание
The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service (crash) via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the truncate_message function in server/server.cpp. NOTE: this issue affects both clients and servers.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.1+reverted+to+1.0.2-0ubuntu1.2 |
| devel | not-affected | 1:1.2.8-1 |
| edgy | released | 1.1.8-1ubuntu0.2 |
| feisty | released | 1.2.3-0ubuntu1.1 |
| gutsy | released | 1.2.6-1ubuntu2.1 |
| upstream | released | 1.2.7 |
Показывать по
Ссылки на источники
EPSS
7.8 High
CVSS2
Связанные уязвимости
The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service (crash) via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the truncate_message function in server/server.cpp. NOTE: this issue affects both clients and servers.
The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before ...
The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service (crash) via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the truncate_message function in server/server.cpp. NOTE: this issue affects both clients and servers.
EPSS
7.8 High
CVSS2