CVE-2019-10878 - In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader::GetData() and CDataFileReader

CVE-2019-10878

Summary

In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader::GetData() and CDataFileReader::ReplaceData() and related functions in engine/shared/datafile.cpp that can lead to an arbitrary free and out-of-bounds pointer write, possibly resulting in remote code execution.

References

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00077.html
https://github.com/teeworlds/teeworlds/issues/2073
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KCS2CFDYJFBLZ4QKVPNJWHOZEGQ2LBC/

Vulnerable Configurations

cpe:2.3:a:teeworlds:teeworlds:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:teeworlds:teeworlds:0.7.2:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 07-05-2019 - 19:29)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

fedora	FEDORA-2019-d29e04fa11
misc	https://github.com/teeworlds/teeworlds/issues/2073
suse	openSUSE-SU-2019:1793 openSUSE-SU-2019:1999

Last major update

07-05-2019 - 19:29

Published

05-04-2019 - 05:29

Last modified

07-05-2019 - 19:29