CVE-2006-1147

Name of the Vulnerable Software and Affected Versions Alien Arena 2006 Gold Edition version 5.00

Description The issue is related to the Com sprintf function in q shared.c, which does not properly NULL terminate certain long strings. This allows remote attackers to cause a denial of service, resulting in an application crash, by using a long skin, weapon, or model name.

Recommendations For Alien Arena 2006 Gold Edition version 5.00, consider restricting the length of skin, weapon, or model names to prevent the application crash until a proper fix is available. As a temporary workaround, avoid using long names for skins, weapons, or models. At the moment, there is no information about a newer version that contains a fix for this issue.