The client and server of Chaser 1.50 and earlier allow remote attackers to cause a denial of service (crash via exception) via a UDP packet with a length field that is greater than the actual data length, which causes Chaser to read unexpected memory.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Chaser_client | Cauldron | 1.5 (including) | 1.5 (including) |
Chaser_server | Cauldron | 1.4.9 (including) | 1.4.9 (including) |
Chaser_server | Cauldron | 1.5 (including) | 1.5 (including) |