Launchpad CVE tracker

CVE 2012-1189

Stack-based buffer overflow in modules/graphic/ssgraph/grsound.cpp in The Open Racing Car Simulator (TORCS) before 1.3.3 and Speed Dreams allows user-assisted remote attackers to execute arbitrary code via a long file name in an engine sample attribute in an xml configuration file.

Related bugs and status

CVE-2012-1189 (Candidate) is related to these bugs:

Bug #941619: torcs: new versions 1.3.3 and 1.3.2 with security fixes available severity: important

		In	Importance	Status
941619	torcs: new versions 1.3.3 and 1.3.2 with security fixes available severity: important	torcs (Ubuntu)	Medium	Fix Released
941619	torcs: new versions 1.3.3 and 1.3.2 with security fixes available severity: important	torcs (Debian)	Unknown	Fix Released
941619	torcs: new versions 1.3.3 and 1.3.2 with security fixes available severity: important	torcs (Ubuntu Precise)	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

References

EXPLOIT-DB: 18471
MLIST: [oss-security] 2012021...
MLIST: [oss-security] 2012030...
CONFIRM: http://freecode.com/pr...
OSVDB: 79372
CONFIRM: http://torcs.sourcefor...

Launchpad.net

CVE 2012-1189

Related bugs and status

Related bugs

References