CVE-2014-9351 — Improper Input Validation in Teeworlds

CWE-20 — Improper Input Validation5 documents5 sources

Severity

6.4MEDIUMNVD

EPSS

1.4%

top 19.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Teeworlds Debian Teeworlds

Timeline

PublishedDec 9

Latest updateMay 17

Description

engine/server/server.cpp in Teeworlds 0.6.x before 0.6.3 allows remote attackers to read memory and cause a denial of service (crash) via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:N/A:PExploitability: 10.0 | Impact: 4.9

Affected Packages3 packages

▶debiandebian/teeworlds< teeworlds 0.6.2+dfsg-2 (bookworm)

▶Debianteeworlds/teeworlds< 0.6.2+dfsg-2+3

▶NVDteeworlds/teeworlds6.0, 6.1, 6.2+2

Patches

Patch: www.teeworlds.com ↗Patch: www.teeworlds.com ↗

🔴Vulnerability Details

GHSA

GHSA-67qr-qj94-6wp3: engine/server/server↗2022-05-17

▶

OSV

CVE-2014-9351: engine/server/server↗2014-12-09

▶

📋Vendor Advisories

Debian

CVE-2014-9351: teeworlds - engine/server/server.cpp in Teeworlds 0.6.x before 0.6.3 allows remote attackers...↗2014

▶

💬Community

Bugzilla

CVE-2014-9351 teeworlds: security issues fixed in the 0.6.3 release↗2014-11-24

▶