CVE-2019-20797
HIGHprboom-plus 2.5.1.5 - Buffer Overflow in UDP Packet Handler
Title source: llmDescription
An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received UDP packets, as demonstrated by I_SendPacket or I_SendPacketTo in i_network.c.
References (7)
Core 7
Core References
Third Party Advisory x_refsource_misc
https://sourceforge.net/p/prboom-plus/bugs/252/
Third Party Advisory x_refsource_misc
https://sourceforge.net/p/prboom-plus/bugs/253/
Exploit, Third Party Advisory x_refsource_misc
https://logicaltrust.net/blog/2019/10/prboom1.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/77J22ZEQXS5SAYZGBDJ475AKFFJNKX5L/
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P3WS7GRZUIHCGLFET33MGC3PEKCH37W6/
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00027.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00028.html
Scores
CVSS v3
7.5
EPSS
0.0269
EPSS Percentile
84.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-787
Status
published
Products (1)
prboom-plus_project/prboom-plus
2.5.1.5
Published
May 18, 2020
Tracked Since
Feb 18, 2026