CVE-2011-4620

Name of the Vulnerable Software and Affected Versions PLIB version 1.8.5 TORCS version 1.3.1 plib-devel (affected versions not specified) plib (affected versions not specified) plib-debuginfo (affected versions not specified) plib-debugsource (affected versions not specified)

Description The issue involves a buffer overflow in the ulSetError function in util/ulError.cxx in PLIB, which can be exploited by remote attackers to execute arbitrary code via vectors involving a long error message. This can be demonstrated by a crafted acc file for TORCS. Additionally, multiple vulnerabilities in the plib package in openSUSE and Debian GNU/Linux operating systems can lead to disruption of confidentiality, integrity, and availability of protected information, and can be exploited remotely.

Recommendations For PLIB version 1.8.5, consider disabling the ulSetError function until a patch is available. For TORCS version 1.3.1, avoid using crafted acc files that can trigger the buffer overflow in the ulSetError function. For plib-devel, plib, plib-debuginfo, and plib-debugsource, at the moment, there is no information about a newer version that contains a fix for this vulnerability.