Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1147

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2006-1147
Last Modified 07 Mar 2011 09:32:09
Published 10 Mar 2006 06:02:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2006-1147

Summary

The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold Edition 5.00 does not properly NULL terminate certain long strings, which allows remote attackers (possibly authenticated) to cause a denial of service (application crash) via a long skin, weapon, or model name.

Vulnerable Systems

Application

  • Cor Entertainment Alien Arena 2006 Gold 5.00


References

VUPEN - ADV-2006-0882

BID - 17028

BUGTRAQ - 20060307 Multiple vulnerabilities in Alien Arena 2006 GE 5.00

OSVDB - 23749

SECUNIA - 19144

MISC - http://aluigi.altervista.org/adv/aa2k6x-adv.txt

XF - alien-com-sprintf-dos(25201)


Last Updated: 27 May 2016 10:41:56