CVE-2019-10878

CRITICAL

Teeworlds 0.7.2 - Out-of-bounds Write in CDataFileReader

Title source: llm
STIX 2.1

Description

In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader::GetData() and CDataFileReader::ReplaceData() and related functions in engine/shared/datafile.cpp that can lead to an arbitrary free and out-of-bounds pointer write, possibly resulting in remote code execution.

References (4)

Core 4
Core References
Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://github.com/teeworlds/teeworlds/issues/2073

Scores

CVSS v3 9.8
EPSS 0.0394
EPSS Percentile 89.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (1)
teeworlds/teeworlds 0.7.2
Published Apr 05, 2019
Tracked Since Feb 18, 2026