ID CVE-2006-2537
Summary Multiple format string vulnerabilities in (a) OpenBOR 2.0046 and earlier, (b) Beats of Rage (BOR) 1.0029 and earlier, and (c) Horizontal Shooter BOR (HOR) 2.0000 and earlier allow remote attackers to execute code via format string specifiers in configurations used in various mod files, as demonstrated by the (1) music identifier in data/scenes/intro.txt, which is not properly handled in the update function, and (2) background identifier in data/easy/1aeasy.txt, which is not properly handled in the shutdown function.
References
Vulnerable Configurations
  • cpe:2.3:a:horizontal_shooter_bor:horizontal_shooter_bor:*:*:*:*:*:*:*:*
  • cpe:2.3:a:openbor:openbor:*:*:*:*:*:*:*:*
  • cpe:2.3:a:senile_team:beats_of_rage:*:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 20-07-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
  • Vector: NETWORK
  • Complexity: LOW
  • Authentication: NONE
Impact
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL
  • Availability: PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 18088
misc http://aluigi.altervista.org/adv/borfs-adv.txt
osvdb 25687
secunia
  • 20173
  • 20174
  • 20181
vupen
  • ADV-2006-1901
  • ADV-2006-1902
  • ADV-2006-1903
xf bor-mod-file-format-string(26582)
Last major update 20-07-2017 - 01:31
Published 22-05-2006 - 23:10
Last modified 20-07-2017 - 01:31