CVE-2006-6227

Name of the Vulnerable Software and Affected Versions NeoEngine versions 0.8.2 and earlier

Description The issue allows remote attackers to cause a denial of service, resulting in an engine crash. This is achieved by sending a message with a large uiMessageLength that leads to a failed memory allocation and a null pointer dereference in the Core::Receive function.

Recommendations For NeoEngine versions 0.8.2 and earlier, consider disabling the Core::Receive function as a temporary workaround until a patch is available. Restrict access to the neonet/core.cpp module to minimize the risk of exploitation. Avoid using large uiMessageLength values in messages to prevent failed memory allocations and null pointer dereferences.