CVSS: 9.0EPSS: 0%CPEs: 11EXPL: 2CVE-2023-42801 – Stack buffer overflow due to `strcpy` into fixed size buffer in `extractVersionQuadFromString`
https://notcve.org/view.php?id=CVE-2023-42801
14 Dec 2023 — Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit f57bd745b4cbed577ea654fad4701bea4d38b44c. A malicious game streaming server could exploit a buffer overflow vulnerability to crash a moonlight client. Achieving RCE is possible but unlikely, due to stack canaries in use by modern compiler toolchains. The published binaries for official clients Qt, Android, iOS/tvOS, and Embedded are built with s... • https://github.com/moonlight-stream/moonlight-common-c/blob/c1744de06938b5a5c8897a705be1bc6508dc7580/src/Misc.c#L82-L88 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 1CVE-2023-42800 – Buffer overflow due to use of `strcpy` in `performRtspHandshake`
https://notcve.org/view.php?id=CVE-2023-42800
14 Dec 2023 — Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit 50c0a51b10ecc5b3415ea78c21d96d679e2288f9 due to unmitigated usage of unsafe C functions and improper bounds checking. A malicious game streaming server could exploit a buffer overflow vulnerability to crash a moonlight client, or achieve remote code execution (RCE) on the client (with insufficient exploit mitigations or if mitigations can be byp... • https://github.com/moonlight-stream/moonlight-common-c/blob/2bb026c763fc18807d7e4a93f918054c488f84e1/src/RtspConnection.c#L796 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 1CVE-2023-42799 – Buffer overflow due to use of `strcpy` in `parseUrlAddrFromRtspUrlString`
https://notcve.org/view.php?id=CVE-2023-42799
14 Dec 2023 — Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit 50c0a51b10ecc5b3415ea78c21d96d679e2288f9 due to unmitigated usage of unsafe C functions and improper bounds checking. A malicious game streaming server could exploit a buffer overflow vulnerability to crash a moonlight client, or achieve remote code execution (RCE) on the client (with insufficient exploit mitigations or if mitigations can be byp... • https://github.com/moonlight-stream/moonlight-common-c/commit/02b7742f4d19631024bd766bd2bb76715780004e • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0CVE-2020-11024 – Man-in-the-middle attack in Moonlight iOS/tvOS
https://notcve.org/view.php?id=CVE-2020-11024
29 Apr 2020 — In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulnerable to a man-in-the-middle attack. The bug has been fixed in Moonlight v4.0.1 for iOS and tvOS. En Moonlight iOS/tvOS versiones anteriores a la versión 4.0.1, el proceso de emparejamiento es vulnerable a un ataque de tipo man-in-the-middle. El bug se ha corregido en Moonlight versión v4.0.1 para iOS y tvOS. • https://github.com/moonlight-stream/moonlight-ios/commit/b0149b2fe9125a77ee11fe133382673694b6e8cc • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0CVE-2011-0989
https://notcve.org/view.php?id=CVE-2011-0989
13 Apr 2011 — The RuntimeHelpers.InitializeArray method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, does not properly restrict data types, which allows remote attackers to modify internal read-only data structures, and cause a denial of service (plugin crash) or corrupt the internal state of the security manager, via a crafted media file, as demonstrated by modifying a C# struct. El método RuntimeHelpers.InitializeArray de metadata/icall.c de Mono, si Moonlight 2.x anterior ... • http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.1EPSS: 1%CPEs: 7EXPL: 0CVE-2011-0990
https://notcve.org/view.php?id=CVE-2011-0990
13 Apr 2011 — Race condition in the FastCopy optimization in the Array.Copy method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to trigger a buffer overflow and modify internal data structures, and cause a denial of service (plugin crash) or corrupt the internal state of the security manager, via a crafted media file in which a thread makes a change after a type check but before a copy action. Condición de carrera en la optimización de FastCopy en el m... • http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.8EPSS: 3%CPEs: 7EXPL: 0CVE-2011-0991
https://notcve.org/view.php?id=CVE-2011-0991
13 Apr 2011 — Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to finalizing and then resurrecting a DynamicMethod instance. Vulnerabilidad de uso después de la liberación en Mono cuando se usa Moonlight v2.x anteriores a v2.4.1 o v3.x anteriores a v3.99.3 , permite a atacantes remotos producir una denegación de servicio (caída de aplicación) o posiblemente ... • http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0CVE-2011-0992 – Ubuntu Security Notice USN-2547-1
https://notcve.org/view.php?id=CVE-2011-0992
13 Apr 2011 — Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to cause a denial of service (plugin crash) or obtain sensitive information via vectors related to member data in a resurrected MonoThread instance. Vulnerabilidad de tipo usar después de liberar en Mono, si Moonlight v2.x anteriores a 2.4.1 o 3.x anteriores a 3.99.3 es utilizado, permite a atacantes remotos provocar una denegación de servicio (caída o cuelgue del plugin) u obtener inf... • http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 19%CPEs: 7EXPL: 2CVE-2010-4254 – Mono/Moonlight Generic Type Argument - Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-4254
03 Dec 2010 — Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call. Mono, cuando Moonlight en versiones anteriores a la 2.3.0.1 o 2.99.x anteriores a la 2.99.0.10 es utilizado, no valida apropiadamente los argumentos a los métodos genéricos. Lo que permite a atacantes remotos evitar las restricciones genéricas y posiblemente... • https://www.exploit-db.com/exploits/15974 • CWE-20: Improper Input Validation •