CVE-2006-1539

Name of the Vulnerable Software and Affected Versions: bsd-games versions prior to 2.17-r1

Description: The issue is related to multiple buffer overflows in the checkscores function in scores.c in tetris-bsd. This could allow local users with games group membership to gain privileges by modifying tetris-bsd.scores to contain crafted executable content. The crafted content is executed when another user launches tetris-bsd.

Recommendations: For versions prior to 2.17-r1, update to version 2.17-r1 or later to resolve the issue. As a temporary workaround, consider restricting access to the tetris-bsd game for users with games group membership until the update is applied.