CVE-2005-3487

Name of the Vulnerable Software and Affected Versions Scorched 3D versions 39.1 and earlier

Description The issue allows remote attackers to execute arbitrary code due to multiple buffer overflows. This can occur via various functions, including GLConsole::addLine, ServerCommon::sendString, and ServerCommon::serverLog. Additionally, a long command that is not properly handled in ComsMessageHandler.cpp when generating an error message and a long UniqueID value in Logger.cpp can also lead to exploitation.

Recommendations For Scorched 3D versions 39.1 and earlier, consider disabling the GLConsole::addLine, ServerCommon::sendString, and ServerCommon::serverLog functions as a temporary workaround until a patch is available. Restrict access to ComsMessageHandler.cpp and Logger.cpp to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.