Vulnerabilities > CVE-2005-2810 - Local Security vulnerability in Urban

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

urban

NVD

Published: 2005-09-07

Updated: 2016-10-18

Summary

Multiple stack-based buffer overflows in urban before 1.5.3 allow local users to gain privileges via a long HOME environment variable to (1) config.cc, (2) game.cc, (3) highscor.cc, or (4) meny.cc.

Vulnerable Configurations

Part	Description	Count
Application	Urban Urban Urban *	1

References

http://marc.info/?l=bugtraq&m=112604855119036&w=2
http://securitytracker.com/id?1014848
http://www.freebsd.org/cgi/cvsweb.cgi/ports/games/urban/files/
http://www.vuxml.org/freebsd/08df5d46-1baf-11da-8038-0040f42d58c6.html