CVE-2005-3487

Scorched 3D - Buffer Overflow

Title source: rule

Description

Multiple buffer overflows in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine, (2) ServerCommon::sendString, (3) ServerCommon::serverLog functions, (4) a long command that is not properly handled in ComsMessageHandler.cpp when generating an error message, (5) a long UniqueID value in Logger.cpp, and possibly other unspecified vectors.

Exploits (1)

exploitdb WORKING POC

cdoswindows

https://www.exploit-db.com/exploits/1285

View on exploitdb

References (8)

[Exploit, Vendor Advisory] http://aluigi.altervista.org/adv/scorchbugs-adv.txt

[Mailing List] http://marc.info/?l=full-disclosure&m=113095941031946&w=2

[Third Party Advisory] http://www.gentoo.org/security/en/glsa/glsa-200511-12.xml

[Third Party Advisory, VDB Entry] http://www.osvdb.org/20468

[Third Party Advisory, VDB Entry] http://www.osvdb.org/20469

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/15292

[Third Party Advisory] http://secunia.com/advisories/17423

[Third Party Advisory] http://www.vupen.com/english/advisories/2005/2288

Scores

EPSS 0.1823

EPSS Percentile 95.1%

Classification

Status draft

Affected Products (1)

scorched_3d/scorched_3d

Timeline

Published Nov 03, 2005

Tracked Since Feb 18, 2026