The (1) sgetstr and (2) getint functions in Sauerbraten 2006_02_28, as derived from the Cube engine, allow remote malicious users to cause a denial of service (segmentation fault) via long streams of input data that trigger an out-of-bounds read, as demonstrated using SV_EXT tag data in the Cube engine, which is not properly handled by getint.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sauerbraten cube 2005-08-09 |
||
sauerbraten sauerbraten 2006-02-28 |