CVE Vulnerability

CVE-2007-6041

Buffer overflow in the Sequencer::queueMessage function in sequencer.cpp in the server in Rigs of Rods (RoR) before 0.33d SP1 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code by sending a nickname, then a vehicle name in a MSG2_USE_VEHICLE message, in which the combined length triggers the overflow.

7.5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

References
Link Resource
http://aluigi.altervista.org/adv/rorbof-adv.txt Exploit
http://aluigi.org/poc/rorbof.zip
http://forum.rigsofrods.com/index.php?topic=3140.0
http://secunia.com/advisories/27729 Patch Vendor Advisory
http://www.securityfocus.com/bid/26502
http://www.vupen.com/english/advisories/2007/3938
https://exchange.xforce.ibmcloud.com/vulnerabilities/38549
Configurations

Configuration 1

cpe:2.3:a:rigs_of_rogs:rigs_of_rogs:*:*:*:*:*:*:*:*
Information

Published : 2007-11-20 07:46

Updated : 2017-07-29 01:34

NVD link : CVE-2007-6041

Mitre link : CVE-2007-6041

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer