4 matches found
CVE-2007-4644
The CVE-2007-4644 format-string vulnerability affects the Doomsday (deng) client, specifically in Cl_GetPackets() in cl_main.c for Doomsday 1.9.0-beta5.1 and earlier. The flaw allows a remote attacker sending PSV_CONSOLE_TEXT messages to cause arbitrary code execution. Reports (NVD, GLSA 200802-0...
CVE-2006-1618
Doomsday engine 1.8.6 is affected by a format-string vulnerability in Con_message and conPrintf (in con_main.c). A remote attacker can cause arbitrary code execution by sending crafted strings (e.g., via the JOIN command or other arguments). The issue stems from incorrect handling of format speci...
CVE-2007-4642
CVE-2007-4642 corresponds to multiple buffer overflows in Doomsday (deng)
CVE-2007-4643
The Doomsday Engine (deng) vulnerable component is the D_Net/packet handling path. CVE-2007-4643 is an Integer underflow in PKT_CHAT processing (data length