CVE-2007-6041
published 2007-11-20CVE-2007-6041: Buffer overflow in the Sequencer::queueMessage function in sequencer.cpp in the server in Rigs of Rods (RoR) before 0.33d SP1 allows remote attackers to cause…
PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
6.33%
92.8th percentile
Buffer overflow in the Sequencer::queueMessage function in sequencer.cpp in the server in Rigs of Rods (RoR) before 0.33d SP1 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code by sending a nickname, then a vehicle name in a MSG2_USE_VEHICLE message, in which the combined length triggers the overflow.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rigs_of_rogs | rigs_of_rogs | <= 0.33d | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://aluigi.altervista.org/adv/rorbof-adv.txthttp://aluigi.org/poc/rorbof.ziphttp://forum.rigsofrods.com/index.php?topic=3140.0http://secunia.com/advisories/27729http://www.securityfocus.com/bid/26502http://www.vupen.com/english/advisories/2007/3938https://exchange.xforce.ibmcloud.com/vulnerabilities/38549http://aluigi.altervista.org/adv/rorbof-adv.txthttp://aluigi.org/poc/rorbof.ziphttp://forum.rigsofrods.com/index.php?topic=3140.0http://secunia.com/advisories/27729http://www.securityfocus.com/bid/26502http://www.vupen.com/english/advisories/2007/3938https://exchange.xforce.ibmcloud.com/vulnerabilities/38549
2007-11-20
Published