Description
The client and server of Chaser 1.50 and earlier allow remote attackers to cause a denial of service (crash via exception) via a UDP packet with a length field that is greater than the actual data length, which causes Chaser to read unexpected memory.
Affected products
- cauldron / chaser_client1.5 – 1.5
- cauldron / chaser_server1.4.9 – 1.4.9
- cauldron / chaser_server1.5 – 1.5