Vulnerability CVE-2006-2537
Published: 2006-05-22   Modified: 2012-02-12

Description:
Multiple format string vulnerabilities in (a) OpenBOR 2.0046 and earlier, (b) Beats of Rage (BOR) 1.0029 and earlier, and (c) Horizontal Shooter BOR (HOR) 2.0000 and earlier allow remote attackers to execute code via format string specifiers in configurations used in various mod files, as demonstrated by the (1) music identifier in data/scenes/intro.txt, which is not properly handled in the update function, and (2) background identifier in data/easy/1aeasy.txt, which is not properly handled in the shutdown function.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Senile team -> Beats of rage 
Openbor -> Openbor 
Horizontal shooter bor -> Horizontal shooter bor 

 References:
http://www.vupen.com/english/advisories/2006/1903
http://www.vupen.com/english/advisories/2006/1902
http://www.vupen.com/english/advisories/2006/1901
http://secunia.com/advisories/20181
http://secunia.com/advisories/20174
http://secunia.com/advisories/20173
http://aluigi.altervista.org/adv/borfs-adv.txt
http://xforce.iss.net/xforce/xfdb/26582
http://www.securityfocus.com/bid/18088
http://www.osvdb.org/25687
Copyright 2024, cxsecurity.com

 

Back to Top