Soldner Secret Wars 30830 and earlier does not properly handle the "message too long" socket error, which allows remote attackers to cause a denial of service (socket termination) via a long UDP packet.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| jowood_productions | soldner_secret_wars | * |
Format string vulnerability in Soldner Secret Wars 30830 and earlier allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in a message.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| jowood_productions | soldner_secret_wars | 30830 |
Cross-site scripting (XSS) vulnerability in the web interface in Soldner Secret Wars 30830 allows remote attackers to inject arbitrary web script or HTML via a user message, which is not filtered or quoted when the administrator views the server logs.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| jowood_productions | soldner_secret_wars | * |
Buffer overflow in JoWood Chaser 1.50 and earlier allows remote attackers to cause a denial of service (client or server crash) and execute arbitrary code via a long nickname.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| jowood_productions | chaser | 1.0 |
| jowood_productions | chaser | 1.50 |