Search CVE reports


Toggle filters

1 – 3 of 3 results


CVE-2021-30184

Medium priority

Some fixes available 3 of 9

GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay functions...

1 affected package

gnuchess

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gnuchess Fixed Fixed Not affected Not affected Not affected
Show less packages

CVE-2019-15767

Negligible priority
Vulnerable

In GNU Chess 6.2.5, there is a stack-based buffer overflow in the cmd_load function in frontend/cmd.cc via a crafted chess position in an EPD file.

1 affected package

gnuchess

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gnuchess Not affected Not affected Vulnerable Vulnerable Not affected
Show less packages

CVE-2015-8972

Negligible priority
Vulnerable

Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large input, as demonstrated when in UCI mode.

1 affected package

gnuchess

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gnuchess Not affected Not affected Not affected Not affected Vulnerable
Show less packages