Your submission was sent successfully! Close

CVE-2011-4620

Published: 31 December 2011

Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB 1.8.5, as used in TORCS 1.3.1 and other products, allows user-assisted remote attackers to execute arbitrary code via vectors involving a long error message, as demonstrated by a crafted acc file for TORCS. NOTE: some of these details are obtained from third party information.

Priority

Medium

Status

Package Release Status
plib
Launchpad, Ubuntu, Debian
hardy Ignored
(reached end-of-life)
lucid
Released (1.8.5-5+squeeze1build0.10.04.1)
maverick
Released (1.8.5-5+squeeze1build0.10.10.1)
natty
Released (1.8.5-5+squeeze1build0.11.04.1)
oneiric
Released (1.8.5-5+squeeze1build0.11.10.1)
precise
Released (1.8.5-5.2)
upstream
Released (1.8.5-5.2)
torcs
Launchpad, Ubuntu, Debian
hardy Ignored
(reached end-of-life)
lucid Not vulnerable
(code not present)
maverick Not vulnerable
(code not present)
natty Not vulnerable
(code not present)
oneiric Not vulnerable
(code not present)
precise Not vulnerable
(code not present)
upstream Not vulnerable
(code not present)