Title: Best Way GEM Engine Multiple Vulnerabilities
Severity: CRITICAL
Description:
GEM Engine is a game creation platform.
GEM Engine is prone to multiple the following vulnerabilities:
- Multiple denial-of-service vulnerabilities occur because the application fails to properly process invalid packets.
- A NULL-pointer dereference is generated because the application fails to properly handle incomplete packets sent to TCP port 3210.
- A buffer-overflow vulnerability occurs because the application fails to properly process an unspecified type of packet.
An attacker can exploit these issues to cause applications using the engine to crash, resulting in a denial-of-service condition, or to execute arbitrary code in the context of the vulnerable application. Other attacks may also be possible.
GEM Engine 2 and GEM Engine 3 are vulnerable.
Affected Products:
- Best Way Faces of War 1.04.1
- Best Way GEM Engine 2
- Best Way GEM Engine 3
- Best Way Majesty 2 1.3.336.0
- Best Way Men of War 1.11.3
- Best Way Men of War 1.17.5
References:
- Best Way: Best Way Homepage
- Best Way: Best Way Products Page
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
