CVE-2006-1147

Alien Arena 2006 Gold Edition 5.00 - DoS

Title source: llm

Description

The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold Edition 5.00 does not properly NULL terminate certain long strings, which allows remote attackers (possibly authenticated) to cause a denial of service (application crash) via a long skin, weapon, or model name.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Luigi Auriemma · cdoswindows

https://www.exploit-db.com/exploits/1564

View Code ZIP pw:eip

References (8)

[Third Party Advisory, VDB Entry] http://www.osvdb.org/23749

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/426984/100/0/threaded

[Exploit, Vendor Advisory] http://aluigi.altervista.org/adv/aa2k6x-adv.txt

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/0882

[Vendor Advisory] http://secunia.com/advisories/19144

[Third Party Advisory] http://archives.neohapsis.com/archives/fulldisclosure/2006-03/0147.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/17028

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/25201

Scores

EPSS 0.1060

EPSS Percentile 93.3%

Details

Status published

Products (1)

cor_entertainment/alien_arena_2006 gold_5.00

Published Mar 10, 2006

Tracked Since Feb 18, 2026