Joined: 13 Jun 2003
Location: Barcelona, Spain
|Posted: Sun Mar 20, 2005 8:41 pm Post subject: [ GLSA 200503-24 ] LTris: Buffer overflow
|Gentoo Linux Security Advisory
Title: LTris: Buffer overflow (GLSA 200503-24)
Date: March 20, 2005
LTris is vulnerable to a buffer overflow which could lead to the execution of arbitrary code.
LTris is a Tetris clone.
Vulnerable: < 1.0.10
Unaffected: >= 1.0.10
Architectures: All supported architectures
LTris is vulnerable to a buffer overflow when reading the global highscores file.
By modifying the global highscores file a malicious user could trick another user to execute arbitrary code.
There is no known workaround at this time.
All LTris users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=games-puzzle/ltris-1.0.10"
Last edited by GLSA on Sun May 07, 2006 4:55 pm; edited 1 time in total