Buffer overflow in the sgetstr function in shared/cube.h in Sauerbraten 2006_02_28 and earlier, as derived from the Cube engine, allows remote attackers to execute arbitrary code via long streams of input data.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Cube | Sauerbraten | 2005-08-09 (including) | 2005-08-09 (including) |
| Sauerbraten | Sauerbraten | 2004-05-08 (including) | 2004-05-08 (including) |
| Sauerbraten | Sauerbraten | 2004-05-23 (including) | 2004-05-23 (including) |
| Sauerbraten | Sauerbraten | 2004-11-02 (including) | 2004-11-02 (including) |
| Sauerbraten | Sauerbraten | 2005-05-24 (including) | 2005-05-24 (including) |
| Sauerbraten | Sauerbraten | 2005-05-29 (including) | 2005-05-29 (including) |
| Sauerbraten | Sauerbraten | 2005-06-05 (including) | 2005-06-05 (including) |
| Sauerbraten | Sauerbraten | 2005-06-12 (including) | 2005-06-12 (including) |
| Sauerbraten | Sauerbraten | 2005-07-04 (including) | 2005-07-04 (including) |
| Sauerbraten | Sauerbraten | 2005-08-15 (including) | 2005-08-15 (including) |
| Sauerbraten | Sauerbraten | 2005-11-07 (including) | 2005-11-07 (including) |
| Sauerbraten | Sauerbraten | 2006-01-31 (including) | 2006-01-31 (including) |
| Sauerbraten | Sauerbraten | 2006-02-27 (including) | 2006-02-27 (including) |
| Sauerbraten | Sauerbraten | 2006-02-28 (including) | 2006-02-28 (including) |
| Sauerbraten | Sauerbraten | initial_2004-02-27 (including) | initial_2004-02-27 (including) |