Live for Speed - Skin Name Buffer Overflow

EDB-ID:

30672




Platform:

Windows

Date:

2007-10-13


source: https://www.securityfocus.com/bid/26066/info

Live for Speed is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the vulnerable application. Successfully exploiting this issue will allow remote attackers to compromise affected computers. Failed exploit attempts will likely cause denial-of-service conditions.

UPDATE (December 24, 2007): The recently released Y patch does not address this issue. Please see the references for more information. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/30672.zip