VYPR

Alien Arena

by Alien Arena

CVEs (7)

  • CVE-2007-4754Sep 8, 2007
    risk 0.03cvss epss 0.05

    Format string vulnerability in the safe_bprintf function in acesrc/acebot_cmds.c in Alien Arena 2007 6.10 and earlier allows remote attackers to cause a denial of service (daemon crash) via format string specifiers in a nickname.

  • CVE-2006-1146Mar 10, 2006
    risk 0.03cvss epss 0.05

    Stack-based buffer overflow in the Cmd_Say_f function in g_cmds.c in Alien Arena 2006 Gold Edition 5.00 allows remote attackers (possibly authenticated) to execute arbitrary code by sending a long message to the server.

  • CVE-2006-1147Mar 10, 2006
    risk 0.03cvss epss 0.03

    The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold Edition 5.00 does not properly NULL terminate certain long strings, which allows remote attackers (possibly authenticated) to cause a denial of service (application crash) via a long skin, weapon, or model name.

  • CVE-2006-1145Mar 10, 2006
    risk 0.03cvss epss 0.04

    Format string vulnerability in the safe_cprintf function in acebot_cmds.c in Alien Arena 2006 Gold Edition 5.00 allows remote attackers (possibly authenticated) to execute arbitrary code via unspecified vectors when the server sends crafted messages to the clients.

  • CVE-2009-3637Jan 13, 2010
    risk 0.01cvss epss 0.08

    Stack-based buffer overflow in the M_AddToServerList function in client/menu.c in Red Planet Arena Alien Arena 7.30 allows remote attackers to execute arbitrary code via a packet with a crafted server description to UDP port 27901 followed by a packet with a long print command.

  • CVE-2010-3439Nov 12, 2019
    risk 0.00cvss epss 0.02

    It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command.

  • CVE-2007-4755Sep 8, 2007
    risk 0.00cvss epss 0.02

    Alien Arena 2007 6.10 and earlier allows remote attackers to cause a denial of service (client disconnect) by sending a client_connect command in a forged packet from the server to a client. NOTE: client IP addresses are available via product-specific queries.

VYPR — Vulnerability Intelligence