Star Wars Jedi Academy Message Handling Remote Overflow

2005-04-02T10:49:01
ID OSVDB:15230
Type osvdb
Reporter Luigi Auriemma(aluigi@autistici.org)
Modified 2005-04-02T10:49:01

Description

Vulnerability Description

A remote overflow exists in Star Wars Jedi Knight: Jedi Academy. The 'G_Printf()' function fails to perform proper bounds checking resulting in a buffer overflow. With an overly long message, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

A remote overflow exists in Star Wars Jedi Knight: Jedi Academy. The 'G_Printf()' function fails to perform proper bounds checking resulting in a buffer overflow. With an overly long message, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

References:

Vendor URL: http://www.ravensoft.com/ Secunia Advisory ID:14809 Other Advisory URL: http://aluigi.altervista.org/adv/jamsgbof-adv.txt Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-04/0015.html ISS X-Force ID: 19959 CVE-2005-0984 Bugtraq ID: 12977