Back to the Vavoom Forum Archives


[Fixed] Vulnerability issues in Vavoom <= 1.24

Sat, 29 Sep 2007 11:20:03


A Gentoo Linux developer has reported three vulnerability issues in Vavoom 1.24 and earlier. The vulnerabilities are: [list:2m5vxis0] [*:2m5vxis0]Format string vulnerability in the Say command in sv_main.cpp[/*:m:2m5vxis0] [*:2m5vxis0]Buffer overflow in the VThinker::BroadcastPrintf function in p_thinker.cpp[/*:m:2m5vxis0] [*:2m5vxis0]Possible DOS in VStr::Resize function in str.cpp[/*:m:2m5vxis0][/list:u:2m5vxis0] I think that Janis & Firebrand are wise to them, but it's always better to not hide these issues <!-- s:wink: --><img src="{SMILIES_PATH}/icon_wink.gif" alt=":wink:" title="Wink" /><!-- s:wink: --> Are these bugs already resolved in latest SVN code? If true, can you link me the revision changes that fix those ones?
Sat, 29 Sep 2007 18:39:26

Janis Legzdinsh

Fixed in revisions 2684-2686.

Back to the Vavoom Forum Archives