Teeworlds: >> Teeworlds >> 0.4.3 Security Vulnerabilities
Teeworlds up to and including 0.7.5 is vulnerable to Buffer Overflow. A map parser does not validate m_Channels value coming from a map file, leading to a buffer overflow. A malicious server may offer a specially crafted map that will overwrite client's stack causing denial of service or code execution.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-12-15
Teeworlds before 0.7.4 has an integer overflow when computing a tilemap size.
CVSS Score
9.8
EPSS Score
0.007
Published
2020-04-22
In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download packets.
CVSS Score
7.5
EPSS Score
0.02
Published
2018-10-20
The CClient::ProcessServerPacket method in engine/client/client.cpp in Teeworlds before 0.6.4 allows remote servers to write to arbitrary physical memory locations and possibly execute arbitrary code via vectors involving snap handling.
CVSS Score
9.8
EPSS Score
0.027
Published
2017-02-22