CVE-2006-1101

CVE-2006-1101 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The (1) sgetstr and (2) getint functions in Sauerbraten 2006_02_28, as derived from the Cube engine, allow remote attackers to cause a denial of service (segmentation fault) via long streams of input data that trigger an out-of-bounds read, as demonstrated using SV_EXT tag data in the Cube engine, which is not properly handled by getint.

Learn more about our Web Application Penetration Testing UK.