CVE-2006-1147
CVE-2006-1147
The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold Edition 5.00 does not properly NULL terminate certain long strings, which allows remote attackers (possibly authenticated) to cause a denial of service (application crash) via a long skin, weapon, or model name.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/1564unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://aluigi.altervista.org/adv/aa2k6x-adv.txthttp://archives.neohapsis.com/archives/fulldisclosure/2006-03/0147.htmlhttp://secunia.com/advisories/19144https://exchange.xforce.ibmcloud.com/vulnerabilities/25201http://www.osvdb.org/23749http://www.securityfocus.com/archive/1/426984/100/0/threadedhttp://www.securityfocus.com/bid/17028http://www.vupen.com/english/advisories/2006/0882