Описание
A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tech 1 (aka Doom engine) allows arbitrary code execution via an unsafe usage of fscanf, because it does not limit the number of characters to be read in a format argument.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code commented out |
| devel | not-affected | code commented out |
| eoan | not-affected | code commented out |
| esm-apps/bionic | not-affected | code commented out |
| esm-apps/focal | not-affected | code commented out |
| esm-apps/xenial | not-affected | code commented out |
| esm-infra-legacy/trusty | DNE | |
| focal | not-affected | code commented out |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
Показывать по
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tech 1 (aka Doom engine) allows arbitrary code execution via an unsafe usage of fscanf, because it does not limit the number of characters to be read in a format argument.
A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tec ...
A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tech 1 (aka Doom engine) allows arbitrary code execution via an unsafe usage of fscanf, because it does not limit the number of characters to be read in a format argument.
7.5 High
CVSS2
9.8 Critical
CVSS3