VYPR
Unrated severityNVD Advisory· Published May 22, 2006· Updated Jun 16, 2026

CVE-2006-2537

CVE-2006-2537

Description

Multiple format string vulnerabilities in (a) OpenBOR 2.0046 and earlier, (b) Beats of Rage (BOR) 1.0029 and earlier, and (c) Horizontal Shooter BOR (HOR) 2.0000 and earlier allow remote attackers to execute code via format string specifiers in configurations used in various mod files, as demonstrated by the (1) music identifier in data/scenes/intro.txt, which is not properly handled in the update function, and (2) background identifier in data/easy/1aeasy.txt, which is not properly handled in the shutdown function.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • cpe:2.3:a:horizontal_shooter_bor:horizontal_shooter_bor:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:horizontal_shooter_bor:horizontal_shooter_bor:*:*:*:*:*:*:*:*range: <=2.0000
    • (no CPE)range: <=2.0000
  • Openbor/Openbor2 versions
    cpe:2.3:a:openbor:openbor:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:openbor:openbor:*:*:*:*:*:*:*:*range: <=2.0046
    • (no CPE)range: <=2.0046
  • cpe:2.3:a:senile_team:beats_of_rage:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:senile_team:beats_of_rage:*:*:*:*:*:*:*:*range: <=1.0029
    • (no CPE)range: <=1.0029

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.