CVE-2009-4846

Deliantra < 2.82 - Remote Code Execution via Command Gsay and Book Implementation

Title source: llm
STIX 2.1

Description

Multiple buffer overflows in Deliantra Server before 2.82 allow remote attackers to execute arbitrary code via vectors related to (1) the command_gsay function in server/c_party.C and (2) the book implementation.

References (8)

Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/54205
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/59879
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/54206
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/3176
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/59878
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/37317

Scores

EPSS 0.0387
EPSS Percentile 89.0%

Details

CWE
CWE-119
Status published
Products (49)
deliantra/deliantra 0.99
deliantra/deliantra 0.9955
deliantra/deliantra 0.9956
deliantra/deliantra 0.9959
deliantra/deliantra 0.9960
deliantra/deliantra 0.9963
deliantra/deliantra 0.9965
deliantra/deliantra 0.9967
deliantra/deliantra 0.9970
deliantra/deliantra 0.9972
... and 39 more
Published May 07, 2010
Tracked Since Feb 18, 2026