Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1592

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1592
Last Modified 07 Mar 2011 09:33:23
Published 03 Apr 2006 06:04:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1592

Summary

Buffer overflow in the is_client_wad_ok function in w_wad.cpp for (1) Zdaemon 1.08.01 and (2) X-Doom allows remote attackers to execute arbitrary code via a long filename argument.

Vulnerable Systems

Application

  • X-doom 1.06.07

  • Zdaemon 1.08.01


References

VUPEN - ADV-2006-1199

VUPEN - ADV-2006-1198

BUGTRAQ - 20060331 Buffer-overflow and in-game crash in Zdaemon 1.08.01

SECUNIA - 19509

MISC - http://aluigi.altervista.org/adv/zdaebof-adv.txt

XF - zdaemon-isclientwadok-bo(25592)

BID - 17340

SECUNIA - 19496


Last Updated: 27 May 2016 10:42:08