Sauerbraten Cube vulnerabilities
4 known vulnerabilities affecting sauerbraten/cube.
Total CVEs
4
CISA KEV
0
Public exploits
4
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2006-1100P3HIGHCVSS 7.5PoCv2005-08-092006-03-09
CVE-2006-1100 [HIGH] CVE-2006-1100: Buffer overflow in the sgetstr function in shared/cube.h in Sauerbraten 2006_02_28 and earlier, as d
Buffer overflow in the sgetstr function in shared/cube.h in Sauerbraten 2006_02_28 and earlier, as derived from the Cube engine, allows remote attackers to execute arbitrary code via long streams of input data.
nvd
CVE-2006-1103P4MEDIUMCVSS 5.0PoCv2005-08-092006-03-09
CVE-2006-1103 [MEDIUM] CVE-2006-1103: engine/server.cpp in Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attacker
engine/server.cpp in Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial of service (segmentation fault) via a client that does not completely join the game and times out, which results in a null pointer dereference.
nvd
CVE-2006-1101P4MEDIUMCVSS 5.0PoCv2005-08-092006-03-09
CVE-2006-1101 [MEDIUM] CVE-2006-1101: The (1) sgetstr and (2) getint functions in Sauerbraten 2006_02_28, as derived from the Cube engine,
The (1) sgetstr and (2) getint functions in Sauerbraten 2006_02_28, as derived from the Cube engine, allow remote attackers to cause a denial of service (segmentation fault) via long streams of input data that trigger an out-of-bounds read, as demonstrated using SV_EXT tag data in the Cube engine, which is not properly handled by getint.
nvd
CVE-2006-1102P4MEDIUMCVSS 5.0PoCv2005-08-092006-03-09
CVE-2006-1102 [MEDIUM] CVE-2006-1102: Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial o
Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial of service (client exit) by forcing the server to change to a map (ogz) file whose name contains ".." sequences and has a certain length that prevents the addition of the ".ogz" extension.
nvd