CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 1CVE-2019-10879
https://notcve.org/view.php?id=CVE-2019-10879
In Teeworlds 0.7.2, there is an integer overflow in CDataFileReader::Open() in engine/shared/datafile.cpp that can lead to a buffer overflow and possibly remote code execution, because size-related multiplications are mishandled. En Teeworlds 0.7.2, hay un desbordamiento de enteros en CDataFileReader::Open() en engine/shared/datafile.cpp que puede conducir a un desbordamiento de búfer y, posiblemente, a una ejecución remota de código, debido a que las multiplicaciones relacionadas con el tamaño se gestionan de manera incorrecta. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00077.html https://github.com/teeworlds/teeworlds/issues/2070 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KCS2CFDYJFBLZ4QKVPNJWHOZEGQ2LBC • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2019-10878
https://notcve.org/view.php?id=CVE-2019-10878
In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader::GetData() and CDataFileReader::ReplaceData() and related functions in engine/shared/datafile.cpp that can lead to an arbitrary free and out-of-bounds pointer write, possibly resulting in remote code execution. En Teeworlds 0.7.2, hay una comprobación de límites fallida en CDataFileReader::GetData() y CDataFileReader::ReplaceData() y en las funciones relacionadas en engine/shared/datafile.cpp que puede conducir a una escritura de puntero de liberación arbitraria y fuera de límites que podría resultar en una ejecución remota de código. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00077.html https://github.com/teeworlds/teeworlds/issues/2073 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KCS2CFDYJFBLZ4QKVPNJWHOZEGQ2LBC • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10877
https://notcve.org/view.php?id=CVE-2019-10877
In Teeworlds 0.7.2, there is an integer overflow in CMap::Load() in engine/shared/map.cpp that can lead to a buffer overflow, because multiplication of width and height is mishandled. En Teeworlds 0.7.2, hay un desbordamiento de enteros en CMap::Load() en engine/shared/map.cpp que puede conducir a un desbordamiento de búfer debido a que una multiplicación de la anchura altura se gestiona de manera incorrecta. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00077.html https://github.com/teeworlds/teeworlds/issues/2071 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KCS2CFDYJFBLZ4QKVPNJWHOZEGQ2LBC • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2018-18541
https://notcve.org/view.php?id=CVE-2018-18541
In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download packets. En Teeworlds en versiones anteriores a la 0.6.5, podrían falsificarse paquetes de conexión. No ha habido un desafío-respuesta involucrado en el build up de conexión. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00077.html https://bugs.debian.org/911487 https://github.com/teeworlds/teeworlds/issues/1536 https://teeworlds.com/?page=news&id=12544 https://www.debian.org/security/2018/dsa-4329 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2016-9400
https://notcve.org/view.php?id=CVE-2016-9400
The CClient::ProcessServerPacket method in engine/client/client.cpp in Teeworlds before 0.6.4 allows remote servers to write to arbitrary physical memory locations and possibly execute arbitrary code via vectors involving snap handling. El método CClient::ProcessServerPacket en engine/client/client.cpp en Teeworlds en versiones anteriores a 0.6.4 permite a servidores remotos escribir en ubicaciones de memoria física arbitrarias y posiblemente ejecutar código arbitrario a través de vectores que involucran manipulación rápida. • http://www.openwall.com/lists/oss-security/2016/11/16/8 http://www.openwall.com/lists/oss-security/2016/11/17/8 http://www.securityfocus.com/bid/94381 https://github.com/teeworlds/teeworlds/commit/ff254722a2683867fcb3e67569ffd36226c4bc62 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C4JNSBXXPE7O32ZMFK7D7YL6EKLG7PRV https://security.gentoo.org/glsa/201705-13 https://www.teeworlds.com/?page=news&id=12086 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •