CVE-2011-4620

NameCVE-2011-4620
DescriptionBuffer overflow in the ulSetError function in util/ulError.cxx in PLIB 1.8.5, as used in TORCS 1.3.1 and other products, allows user-assisted remote attackers to execute arbitrary code via vectors involving a long error message, as demonstrated by a crafted acc file for TORCS. NOTE: some of these details are obtained from third party information.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-2425-1
NVD severityhigh (attack range: remote)
Debian Bugs654785

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
plib (PTS)wheezy1.8.5-6fixed
jessie, stretch1.8.5-7fixed
buster, sid1.8.5-8fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
plibsource(unstable)1.8.5-5.1high654785
plibsourcesqueeze1.8.5-5+squeeze1highDSA-2425-1

Search for package or bug name: Reporting problems