Arbitrary Code Execution Vulnerability in Teeworlds CClient::ProcessServerPacket Method

Arbitrary Code Execution Vulnerability in Teeworlds CClient::ProcessServerPacket Method

CVE-2016-9400 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

The CClient::ProcessServerPacket method in engine/client/client.cpp in Teeworlds before 0.6.4 allows remote servers to write to arbitrary physical memory locations and possibly execute arbitrary code via vectors involving snap handling.

Learn more about our Cis Benchmark Audit For Server Software.