CVE-2006-1539

Description

Multiple buffer overflows in the checkscores function in scores.c in tetris-bsd in bsd-games before 2.17-r1 in Gentoo Linux might allow local users with games group membership to gain privileges by modifying tetris-bsd.scores to contain crafted executable content, which is executed when another user launches tetris-bsd.

Affected products

• bsd-games / tetris-bsdgold – gold

References

• MISChttp://bugs.gentoo.org/show_bug.cgi?id=122399
• MISChttp://www.osvdb.org/24261
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/25611
• MISChttp://www.securityfocus.com/bid/17308
• VENDOR_ADVISORYhttp://secunia.com/advisories/19442
• MISChttp://www.gentoo.org/security/en/glsa/glsa-200603-26.xml