Vulnerabilities > CVE-2006-1147 - Remote vulnerability in COR Entertainment Alien Arena 2006 Gold5.00

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
cor-entertainment
exploit available

Summary

The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold Edition 5.00 does not properly NULL terminate certain long strings, which allows remote attackers (possibly authenticated) to cause a denial of service (application crash) via a long skin, weapon, or model name.

Vulnerable Configurations

Part Description Count
Application
Cor_Entertainment
1

Exploit-Db

descriptionAlien Arena 2006 Gold Edition <= 5.00 Multiple Vulnerabilities Exploit. CVE-2006-1145,CVE-2006-1146,CVE-2006-1147. Dos exploit for windows platform
idEDB-ID:1564
last seen2016-01-31
modified2006-03-07
published2006-03-07
reporterLuigi Auriemma
sourcehttps://www.exploit-db.com/download/1564/
titleAlien Arena 2006 Gold Edition <= 5.00 - Multiple Vulnerabilities Exploit