CVE-2005-3487 Information

Description

Multiple buffer overflows in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine (2) ServerCommon::sendString (3) ServerCommon::serverLog functions (4) a long command that is not properly handled in ComsMessageHandler.cpp when generating an error message (5) a long UniqueID value in Logger.cpp and possibly other unspecified vectors.

Reference

http://aluigi.altervista.org/adv/scorchbugs-adv.txt http://marc.info/?l=full-disclosure&m=113095941031946&w=2 http://secunia.com/advisories/17423 http://www.gentoo.org/security/en/glsa/glsa-200511-12.xml http://www.osvdb.org/20468 http://www.osvdb.org/20469 http://www.securityfocus.com/bid/15292 http://www.vupen.com/english/advisories/2005/2288