J-Security Center

Title: Alien Arena 2007 Multiple Remote Vulnerabilities

Severity: HIGH

Description:

Alien Arena 2007 is an online multiplayer death-match game available for Windows and Linux operating systems.

Alien Arena 2007 is prone to multiple remote vulnerabilities:

- A format-string vulnerability occurs because the application fails to sanitize user-supplied input before using it in the 'cprintf()' formatted-printing function. The issue resides in the 'safe_brintf()' function of the 'game/acesrc/acebot_cmds.c' file.

- A denial-of-service vulnerability occurs in the game server. When querying the game server, it returns information such as the list of players who are logged on and their IP addresses. An attacker could exploit this issue by using the 'client_connect' command and the queried information to disconnect users from the game server.

Successfully exploiting these issues will allow an attacker to execute arbitrary code within the context of the affected application or to disconnect users from the game server.

Alien Arena 2007 6.10 is vulnerable; other versions may also be affected.
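
The format-string item above describes a common wrapper mistake: a message is expanded once, and the result is then handed to a second printf-style function as its format string. The C sketch below is an added example, not Alien Arena's code; every function name in it is hypothetical and the sample player name is constructed. It shows the flawed wrapper beside the corrected one, plus a small check for auditing strings that reach a format parameter.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* All names here are hypothetical. Stand-in for a cprintf()-style sink. */
static void sink_printf(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(out, n, fmt, ap);
    va_end(ap);
}

/* Flawed: msg holds user-supplied bytes yet is parsed again as a format. */
void broadcast_unsafe(char *out, size_t n, const char *fmt, ...)
{
    char msg[256];
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(msg, sizeof msg, fmt, ap);
    va_end(ap);
    sink_printf(out, n, msg);
}

/* Corrected: the expanded message only ever travels as a "%s" argument. */
void broadcast_safe(char *out, size_t n, const char *fmt, ...)
{
    char msg[256];
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(msg, sizeof msg, fmt, ap);
    va_end(ap);
    sink_printf(out, n, "%s", msg);
}

/* Audit check: 1 if `s` would trigger a conversion when used as a format. */
int has_conversion(const char *s)
{
    for (; *s; s++)
        if (*s == '%' && *++s != '%')   /* "%%" is an escaped percent sign */
            return 1;
    return 0;
}

int main(void)
{
    char out[256];
    broadcast_safe(out, sizeof out, "%s joined", "bot%s"); /* constructed name */
    return strcmp(out, "bot%s joined") != 0; /* 0: name arrived verbatim */
}
```

Compiling with `-Wformat -Wformat-security` flags calls of this shape when the callee is a known printf-style function or is declared with the GCC/Clang `format` attribute.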

Affected Products:

  • COR Entertainment Alien Arena 2007 6.10
