Yager Data Block Remote Overflow

2005-04-14T08:46:13
ID OSVDB:15508
Type osvdb
Reporter Luigi Auriemma(aluigi@autistici.org)
Modified 2005-04-14T08:46:13

Description

Vulnerability Description

THQ's Yager contains a flaw that may allow a malicious user to remotely execute malicious code with the privileges of the user running the application. The issue is due to the application failing to properly validate the length of user-supplied, network derived data blocks with a maximum size of 65536 bits prior to copying them into a static buffer with a maximum size of 256 bytes. It is possible that the flaw may allow privilege escalation or unauthorized access resulting in a loss of confidentiality and/or integrity.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

THQ's Yager contains a flaw that may allow a malicious user to remotely execute malicious code with the privileges of the user running the application. The issue is due to the application failing to properly validate the length of user-supplied, network derived data blocks with a maximum size of 65536 bits prior to copying them into a static buffer with a maximum size of 256 bytes. It is possible that the flaw may allow privilege escalation or unauthorized access resulting in a loss of confidentiality and/or integrity.

References:

Vendor URL: http://yager.thq.de/ Secunia Advisory ID:14967 Related OSVDB ID: 15509 Related OSVDB ID: 15507 Other Advisory URL: http://aluigi.altervista.org/adv/yagerbof-adv.txt Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-04/0329.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-04/0405.html CVE-2005-1163 Bugtraq ID: 13177