104 matches found
Format string in the Doom 3 engine through PB
Luigi Auriemma Application: Doom 3 engine Games: Doom 3 http://www.doom3.com = 1.3.1 Quake 4 http://www.quake4game.com = 1.4.2 Prey http://www.prey.com = 1.3 Enemy Territory: Quake Wars NOT VULNERABLE Platforms: Windows, Linux and Mac Bug: format string Exploitation: remote, versus servers with...
id Software Doom 3 Engine - Console String Visualization Format String
id Software Doom 3 Engine - Console String Visualization Format String // source: https://www.securityfocus.com/bid/25893/info id Software Doom 3 engine is prone to a format-string vulnerability. Exploiting this issue will allow attackers to execute arbitrary code with the permissions of a user...
id Software Doom 3 Engine - Console String Visualization Format String
// source: https://www.securityfocus.com/bid/25893/info id Software Doom 3 engine is prone to a format-string vulnerability. Exploiting this issue will allow attackers to execute arbitrary code with the permissions of a user running the application. Failed attacks will likely cause...
[SECURITY] Fedora 7 Update: vavoom-1.24-3.fc7
Vavoom is an enhanced open-source port of Doom. Allowing you to play not on ly the classic 3D first-person shooter Doom, but also the Doom derived classics Heretic, Hexen and Strife. Compared to the original games it adds extra features such as translucency and freelook support and ofcourse the...
Heap overflow in Skulltag 0.97d-beta4.1
Luigi Auriemma Application: Skulltag http://www.skulltag.com Versions: = 0.97d-beta4.1 Platforms: Windows and Linux Bug: heap-overflow Exploitation: remote, versus server Date: 23 Aug 2007 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 The Code 4 Fix...
Skulltag Huffman报文解压远程堆溢出漏洞
BUGTRAQ ID: 25423 Skulltag是一个在外国很流行的DOOM在线游戏的扩展平台。 Skulltag游戏平台负责huffman解压入站报文的函数存在堆溢出漏洞,远程攻击者可以通过发送单包UDP报文触发这个溢出,导致执行任意指令。 Skulltag Team Skulltag = 0.97d-beta4.1 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.skulltag.com/...
CVE-2006-2587
AFFECTED SOFTWARE: PunkBuster WebTool HTTP server component (before 1.229) used by multiple titles (America’s Army 1.228 and earlier; Battlefield 1942 1.158 and earlier; Battlefield 2 1.184 and earlier; Battlefield Vietnam 1.150 and earlier; Call of Duty 1.173 and earlier; Call of Duty 2 1.108 an...
CVE-2006-2587
Buffer overflow in the WebTool HTTP server component in 1 PunkBuster before 1.229, as used by multiple products including 2 America's Army 1.228 and earlier, 3 Battlefield 1942 1.158 and earlier, 4 Battlefield 2 1.184 and earlier, 5 Battlefield Vietnam 1.150 and earlier, 6 Call of Duty 1.173 and...
Buffer-overflow in the WebTool service of PunkBuster for servers (minor than v1.229)
Luigi Auriemma Application: PunkBuster http://www.punkbuster.com Versions: PunkBuster for servers, versions minor than v1.229: America's Army = v1.228 Battlefield 1942 = v1.158 Battlefield 2 = v1.184 Battlefield Vietnam = v1.150 Call of Duty = v1.173 Call of Duty 2 = v1.108 DOOM 3 = v1.159 Enemy...
PunkBuster < 1.229 - WebTool Service Remote Buffer Overflow (Denial of Service) (PoC)
Luigi Auriemma Application: PunkBuster http://www.punkbuster.com Versions: PunkBuster for servers, versions minor than v1.229: America's Army = v1.228 Battlefield 1942 = v1.158 Battlefield 2 = v1.184 Battlefield Vietnam = v1.150 Call of Duty = v1.173 Call of Duty 2 = v1.108 DOOM 3 = v1.159 Enemy...
PunkBuster 1.229 - WebTool Service Remote Buffer Overflow (Denial of Service) (PoC)
PunkBuster 1.229 - WebTool Service Remote Buffer Overflow Denial of Service PoC Luigi Auriemma Application: PunkBuster http://www.punkbuster.com Versions: PunkBuster for servers, versions minor than v1.229: America's Army = v1.228 Battlefield 1942 = v1.158 Battlefield 2 = v1.184 Battlefield Vietn...
Code injection
The 1 ZDMissingPlayer, 2 ZDUseItem, and 3 ZDLoadNewClientLevel functions in svmain.cpp for a Zdaemon 1.08.01 and b X-Doom allows remote attackers to cause a denial of service crash via an invalid player slot or item number, which causes an invalid memory access, possibly due to an invalid array...
CVE-2006-1592
Buffer overflow in the isclientwadok function in wwad.cpp for 1 Zdaemon 1.08.01 and 2 X-Doom allows remote attackers to execute arbitrary code via a long filename argument...
Buffer overflow
Buffer overflow in the isclientwadok function in wwad.cpp for 1 Zdaemon 1.08.01 and 2 X-Doom allows remote attackers to execute arbitrary code via a long filename argument...
CVE-2006-1593
The 1 ZDMissingPlayer, 2 ZDUseItem, and 3 ZDLoadNewClientLevel functions in svmain.cpp for a Zdaemon 1.08.01 and b X-Doom allows remote attackers to cause a denial of service crash via an invalid player slot or item number, which causes an invalid memory access, possibly due to an invalid array...
CVE-2006-1592
Buffer overflow in the isclientwadok function in wwad.cpp for 1 Zdaemon 1.08.01 and 2 X-Doom allows remote attackers to execute arbitrary code via a long filename argument...
CVE-2006-1593
The CVE-2006-1593 entry affects sv_main.cpp in Zdaemon 1.08.01 and X-Doom, specifically the functions ZD_MissingPlayer, ZD_UseItem, and ZD_LoadNewClientLevel. The issue allows remote attackers to cause a denial of service (crash) by supplying an invalid player slot or item number, leading to an i...
CVE-2006-1552
Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service crash via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka "Deja-Doom"...
Integer overflow
Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service crash via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka "Deja-Doom"...
CVE-2006-1552
Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service crash via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka "Deja-Doom"...