CVEブラウザに戻る

CVE-2007-4642

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1540%

EPSS Percentile8.46th

Published2007年8月31日

Last Modified2026年4月23日

Vulnerability Description

Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allow remote attackers to execute arbitrary code via a long chat (PKT_CHAT) message that is not properly handled by the (1) D_NetPlayerEvent function in d_net.c or the (2) Msg_Write function in net_msg.c, or (3) many commands that are not properly handled by the NetSv_ReadCommands function in d_netsv.c; or (4) cause a denial of service (daemon crash) via a chat (PKT_CHAT) message without a final '\0' character.

Affected Platforms (CPE)

📦

Doomsday

Doomsday

<= 1.9.0_beta5.1

References & Advisories

🔗 http://aluigi.altervista.org/adv/dumsdei-adv.txt

🔗 http://aluigi.org/poc/dumsdei.zip

🔗 http://bugs.gentoo.org/show_bug.cgi?id=190835

🔗 http://secunia.com/advisories/26524

🔗 http://secunia.com/advisories/28821

🔗 http://security.gentoo.org/glsa/glsa-200802-02.xml

🔗 http://securityreason.com/securityalert/3084

🔗 http://www.securityfocus.com/archive/1/478077/100/0/threaded

関連する脆弱性情報

CVE-2017-161279.8

The module pandora-doomsday infects other modules. It's since been unpublished from the registry.

CVE-2006-16187.5

Format string vulnerability in the (1) Con_message and (2) conPrintf functions in con_main.c in Doomsday engine 1.8.6 allows remot...

CVE-2007-46447.5

Format string vulnerability in the Cl_GetPackets function in cl_main.c in the client in Doomsday (aka deng) 1.9.0-beta5.1 and earl...

CVE-2007-46435.0

Integer underflow in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allows remote attackers to cause a denial of service (daemon cr...