Buffer overflow in the Sequencer::queueMessage function in sequencer.cpp in the server in Rigs of Rods (RoR) prior to 0.33d SP1 allows remote malicious users to cause a denial of service (daemon crash) and possibly execute arbitrary code by sending a nickname, then a vehicle name in a MSG2_USE_VEHICLE message, in which the combined length triggers the overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rigs of rogs rigs of rogs |