RSS   Vulnerabilities for 'Raydium'   RSS

2006-05-16
 
CVE-2006-2412

CWE-Other
 

 
The raydium_network_read function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to cause a denial of service (application crash) via a large ID, which causes an invalid memory access (buffer over-read).

 
 
CVE-2006-2411

CWE-Other
 

 
Buffer overflow in raydium_network_read function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to execute arbitrary code by sending packets with long global variables to the client.

 
 
CVE-2006-2410

CWE-Other
 

 
raydium_network_netcall_exec function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to cause a denial of service (application crash) via a packet of type 0xFF, which causes a null dereference.

 
 
CVE-2006-2409

CWE-134
 

 
Format string vulnerability in the raydium_log function in console.c in Raydium before SVN revision 310 allows local users to execute arbitrary code via format string specifiers in the format parameter, which are not properly handled in a call to raydium_console_line_add.

 
 
CVE-2006-2408

CWE-119
 

 
Multiple buffer overflows in Raydium before SVN revision 310 allow remote attackers to execute arbitrary code via a large packet when logged via (1) the raydium_log function in log.c or (2) the raydium_console_line_add function in console.c, possibly from a long player name.

 


Copyright 2024, cxsecurity.com

 

Back to Top