CVE-2012-1189

Published: 08/10/2012 Updated: 09/10/2012

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in modules/graphic/ssgraph/grsound.cpp in The Open Racing Car Simulator (TORCS) prior to 1.3.3 and Speed Dreams allows user-assisted remote malicious users to execute arbitrary code via a long file name in an engine sample attribute in an xml configuration file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
bernhard wymann torcs 1.3.0
bernhard wymann torcs 1.3.1
bernhard wymann torcs
bernhard wymann torcs 1.2.4
speed-dreams speed dreams -
bernhard wymann torcs 1.2.3

/* Exploit Title: TORCS <= 132 buffer overflow /SAFESEH evasion # Date: 07/02/2012 # Discovered and exploited by: Fluidsignal Group -> Research Team Division # Author: Andres Gomez and David Mora (aka Mighty-D) Pwn and beans! # Software Link: torcssourceforgenet/ # Version: torcs 132 # Vendor notified: 03/02/2012 # Tested ...

CWE-119 http://www.openwall.com/lists/oss-security/2012/02/18/2 http://freecode.com/projects/torcs/releases/341672 http://www.openwall.com/lists/oss-security/2012/03/05/18 http://www.osvdb.org/79372 http://torcs.sourceforge.net/index.php?name=News&file=article&sid=79 http://www.exploit-db.com/exploits/18471 https://nvd.nist.gov https://www.exploit-db.com/exploits/18471/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-1189

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect