Vulnerability Details CVE-2006-1100
Buffer overflow in the sgetstr function in shared/cube.h in Sauerbraten 2006_02_28 and earlier, as derived from the Cube engine, allows remote attackers to execute arbitrary code via long streams of input data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.263
EPSS Ranking 96.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://aluigi.altervista.org/adv/evilcube-adv.txt
- http://cvs.sourceforge.net/viewcvs.py/sauerbraten/sauerbraten/src/shared/cube.h?r1=1.7&r2=1.8
- http://secunia.com/advisories/19110
- http://secunia.com/advisories/19111
- http://secunia.com/advisories/19199
- http://www.gentoo.org/security/en/glsa/glsa-200603-10.xml
- http://www.securityfocus.com/archive/1/426865/100/0/threaded
- http://www.securityfocus.com/archive/1/426867/100/0/threaded
- http://www.securityfocus.com/bid/16986
- http://www.vupen.com/english/advisories/2006/0847
- http://www.vupen.com/english/advisories/2006/0848
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25083
- http://aluigi.altervista.org/adv/evilcube-adv.txt
- http://cvs.sourceforge.net/viewcvs.py/sauerbraten/sauerbraten/src/shared/cube.h?r1=1.7&r2=1.8
- http://secunia.com/advisories/19110
- http://secunia.com/advisories/19111
- http://secunia.com/advisories/19199
- http://www.gentoo.org/security/en/glsa/glsa-200603-10.xml
- http://www.securityfocus.com/archive/1/426865/100/0/threaded
- http://www.securityfocus.com/archive/1/426867/100/0/threaded
- http://www.securityfocus.com/bid/16986
- http://www.vupen.com/english/advisories/2006/0847
- http://www.vupen.com/english/advisories/2006/0848
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25083
Products affected by CVE-2006-1100
-
cpe:2.3:a:sauerbraten:cube:2005-08-09
-
cpe:2.3:a:sauerbraten:sauerbraten:2004-05-08
-
cpe:2.3:a:sauerbraten:sauerbraten:2004-05-23
-
cpe:2.3:a:sauerbraten:sauerbraten:2004-11-02
-
cpe:2.3:a:sauerbraten:sauerbraten:2005-05-24
-
cpe:2.3:a:sauerbraten:sauerbraten:2005-05-29
-
cpe:2.3:a:sauerbraten:sauerbraten:2005-06-05
-
cpe:2.3:a:sauerbraten:sauerbraten:2005-06-12
-
cpe:2.3:a:sauerbraten:sauerbraten:2005-07-04
-
cpe:2.3:a:sauerbraten:sauerbraten:2005-08-15
-
cpe:2.3:a:sauerbraten:sauerbraten:2005-11-07
-
cpe:2.3:a:sauerbraten:sauerbraten:2006-01-31
-
cpe:2.3:a:sauerbraten:sauerbraten:2006-02-27
-
cpe:2.3:a:sauerbraten:sauerbraten:2006-02-28
-
cpe:2.3:a:sauerbraten:sauerbraten:initial_2004-02-27