CVE-2021-30184
- EPSS 0.71%
- Published 07.04.2021 12:15:16
- Last modified 12.01.2025 21:15:18
GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay functions in frontend/cmd.cc.
CVE-2019-15767
- EPSS 0.31%
- Published 29.08.2019 03:15:11
- Last modified 21.11.2024 04:29:25
In GNU Chess 6.2.5, there is a stack-based buffer overflow in the cmd_load function in frontend/cmd.cc via a crafted chess position in an EPD file.
CVE-2015-8972
- EPSS 2.39%
- Published 23.01.2017 21:59:00
- Last modified 20.04.2025 01:37:25
Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large input, as demonstrated when in UCI mode.
CVE-2002-0204
- EPSS 3.21%
- Published 16.05.2002 04:00:00
- Last modified 03.04.2025 01:03:51
Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified or used in a networked capacity contrary to its own design as a single-user application, may allow local or remote attackers to execute arbitrary code via a long command.