6.4

CVE-2014-9351

engine/server/server.cpp in Teeworlds 0.6.x before 0.6.3 allows remote attackers to read memory and cause a denial of service (crash) via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
TeeworldsTeeworlds Version6.0
TeeworldsTeeworlds Version6.1
TeeworldsTeeworlds Version6.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.73% 0.841
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.4 10 4.9
AV:N/AC:L/Au:N/C:P/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145172.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145173.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145650.html
http://www.securityfocus.com/bid/71301
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770514
https://github.com/teeworlds/teeworlds/commit/a766cb44bcffcdb0b88e776d01c5ee1323d44f85
https://www.teeworlds.com/?page=news&id=11200
Patch
Vendor Advisory