CVE-2007-6041

Buffer overflow in the Sequencer::queueMessage function in sequencer.cpp in the server in Rigs of Rods (RoR) before 0.33d SP1 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code by sending a nickname, then a vehicle name in a MSG2_USE_VEHICLE message, in which the combined length triggers the overflow.
Configurations

Configuration 1 (hide)

cpe:2.3:a:rigs_of_rogs:rigs_of_rogs:*:*:*:*:*:*:*:*

History

14 Feb 2024, 01:17

Type Values Removed Values Added
References (CONFIRM) http://forum.rigsofrods.com/index.php?topic=3140.0 - (CONFIRM) http://forum.rigsofrods.com/index.php?topic=3140.0 - URL Repurposed

Information

Published : 2007-11-20 19:46

Updated : 2024-02-28 11:01


NVD link : CVE-2007-6041

Mitre link : CVE-2007-6041

CVE.ORG link : CVE-2007-6041


JSON object : View

Products Affected

rigs_of_rogs

  • rigs_of_rogs
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer