CVE-2019-25104

NameCVE-2019-25104
DescriptionA vulnerability has been found in rtcwcoop 1.0.2 and classified as problematic. Affected by this vulnerability is the function AICast_ScriptLoad of the file code/game/ai_cast_script.c of the component Team Command Handler. The manipulation leads to denial of service. The name of the patch is f2cd18bc2e1cbca8c4b78bee9c392272bd5f42ac. It is recommended to apply a patch to fix this issue. The identifier VDB-221485 was assigned to this vulnerability.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
Debian Bugs1031732

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
iortcw (PTS)buster/contrib1.51.b+dfsg1-3vulnerable
bullseye/contrib1.51.c+dfsg1-3vulnerable
bookworm/contrib, sid/contrib1.51.c+dfsg1-4vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
iortcwsourcebuster(unfixed)end-of-life
iortcwsource(unstable)(unfixed)1031732

Notes

[bullseye] - iortcw <no-dsa> (Minor issue)
[buster] - iortcw <end-of-life> (games are not supported in LTS)
https://github.com/rtcwcoop/rtcwcoop/pull/45
Reported against a version based on iortcw, but seems missing in iortcw

Search for package or bug name: Reporting problems