9 lines
No EOL
679 B
Text
9 lines
No EOL
679 B
Text
source: https://www.securityfocus.com/bid/25436/info
|
|
|
|
Vavoom is prone to multiple remote vulnerabilities, including a buffer-overflow issue, a format-string issue, and a denial-of-service issue.
|
|
|
|
An attacker can exploit these issues to execute arbitrary code within the context of the affected application or crash the application, denying service to legitimate users.
|
|
|
|
Vavoom 1.24 is vulnerable; prior versions may also be affected.
|
|
|
|
For the buffer-overflow vulnerability, the attacker opens the 'vavoom\basev\doom2\config.cfg' file, and adds the following lines:'alias bof "say aaa...(992_'a's)...aaa" name ''aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'' ' |