[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Update: Clients buffer-overflow in Live for Speed 0.5X10

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Update: Clients buffer-overflow in Live for Speed 0.5X10
From: Luigi Auriemma <aluigi@xxxxxxxxxxxxx>
Date: Mon, 24 Dec 2007 18:22:17 +0100

New patch, old bug.

The Y patch has been released a couple of days ago but the lfscbof
buffer-overflow vulnerability is still there, so any player can crash the
others using the same old proof-of-concept I released two months and
half ago:

  http://aluigi.org/adv/lfscbof-adv.txt
  http://www.youtube.com/watch?v=jZea65fOhPY


--- 
Luigi Auriemma
http://aluigi.org

Prev by Date: SimpleForum <= 4.6.2 - Cross-Site Scripting Vulnerability
Next by Date: Re: PHP <= 5.2.5 Safe Mode Bypass
Previous by thread: SimpleForum <= 4.6.2 - Cross-Site Scripting Vulnerability
Next by thread: Double directory traversal in ImgSvr 0.6.21
Index(es):
- Date
- Thread