CVE-2011-4620
published 2011-12-31CVE-2011-4620: Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB 1.8.5, as used in TORCS 1.3.1 and other products, allows user-assisted remote attackers…
PriorityP349critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
12.80%
95.8th percentile
Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB 1.8.5, as used in TORCS 1.3.1 and other products, allows user-assisted remote attackers to execute arbitrary code via vectors involving a long error message, as demonstrated by a crafted acc file for TORCS. NOTE: some of these details are obtained from third party information.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | plib | < plib 1.8.5-5.1 (bookworm) | plib 1.8.5-5.1 (bookworm) |
| plib_project | plib | >= 0 < 1.8.5-5.1 | 1.8.5-5.1 |
| plib_project | plib | >= 0 < 1.8.5-5.1 | 1.8.5-5.1 |
| plib_project | plib | >= 0 < 1.8.5-5.1 | 1.8.5-5.1 |
| plib_project | plib | >= 0 < 1.8.5-5.1 | 1.8.5-5.1 |
| steve_j_baker | plib | — | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv9.3CRITICAL
vendor_debian9.3CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2011-4620: plib - Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB 1.8.5, as...
vendor_debian·2011·CVSS 9.3
CVE-2011-4620 [CRITICAL] CVE-2011-4620: plib - Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB 1.8.5, as...
Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB 1.8.5, as used in TORCS 1.3.1 and other products, allows user-assisted remote attackers to execute arbitrary code via vectors involving a long error message, as demonstrated by a crafted acc file for TORCS. NOTE: some of these details are obtained from third party information.
Scope: local
bookworm: resolved (fixed in 1.8.5-5.1)
bullseye: resolved (fixed in 1.8.5-5.1)
forky: resolved (fixed in 1.8.5-5.1)
sid: resolved (fixed in 1.8.5-5.1)
trixie: resolved (fixed in 1.8.5-5.1)
GHSA
GHSA-f88m-j96j-6cvj: Buffer overflow in the ulSetError function in util/ulError
ghsa_unreviewed·2022-05-17
CVE-2011-4620 [HIGH] CWE-119 GHSA-f88m-j96j-6cvj: Buffer overflow in the ulSetError function in util/ulError
Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB 1.8.5, as used in TORCS 1.3.1 and other products, allows user-assisted remote attackers to execute arbitrary code via vectors involving a long error message, as demonstrated by a crafted acc file for TORCS. NOTE: some of these details are obtained from third party information.
OSV
CVE-2011-4620: Buffer overflow in the ulSetError function in util/ulError
osv·2011-12-31·CVSS 9.3
CVE-2011-4620 [CRITICAL] CVE-2011-4620: Buffer overflow in the ulSetError function in util/ulError
Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB 1.8.5, as used in TORCS 1.3.1 and other products, allows user-assisted remote attackers to execute arbitrary code via vectors involving a long error message, as demonstrated by a crafted acc file for TORCS. NOTE: some of these details are obtained from third party information.
No detection rules found.
Bugzilla
CVE-2011-4620 plib ulSetError() buffer overflow [fedora-all]
bugzilla·2012-01-03·CVSS 9.3
CVE-2011-4620 [CRITICAL] CVE-2011-4620 plib ulSetError() buffer overflow [fedora-all]
CVE-2011-4620 plib ulSetError() buffer overflow [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=769722
P
Bugzilla
CVE-2011-4620 plib ulSetError() buffer overflow
bugzilla·2011-12-21·CVSS 9.3
CVE-2011-4620 [CRITICAL] CVE-2011-4620 plib ulSetError() buffer overflow
CVE-2011-4620 plib ulSetError() buffer overflow
https://secunia.com/advisories/47297/
http://plib.sourceforge.net/index.html
http://www.exploit-db.com/exploits/18258/
From Secunia:
*Description*
A vulnerability has been discovered in PLIB, which can be exploited by malicious people to compromise an application using the library.
The vulnerability is caused due to a boundary error within the "ulSetError()" function (src/util/ulError.cxx) when creating the error message, which can be exploited to overflow a static buffer.
Successful exploitation allows the execution of arbitrary code but requires that the attacker can e.g. control the content of an overly long error message passed to the "ulSetError()" function.
The vulnerability is confirmed in version 1.8.5. Other versions may also b
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00013.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-01/msg00015.htmlhttp://openwall.com/lists/oss-security/2011/12/21/2http://osvdb.org/77973http://secunia.com/advisories/47297http://secunia.com/advisories/51340http://www.exploit-db.com/exploits/18258/https://security.gentoo.org/glsa/201606-16http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00013.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-01/msg00015.htmlhttp://openwall.com/lists/oss-security/2011/12/21/2http://osvdb.org/77973http://secunia.com/advisories/47297http://secunia.com/advisories/51340http://www.exploit-db.com/exploits/18258/https://security.gentoo.org/glsa/201606-16
2011-12-31
Published