Arbitrary Free and Out-of-Bounds Pointer Write Vulnerability in Teeworlds 0.7.2

Arbitrary Free and Out-of-Bounds Pointer Write Vulnerability in Teeworlds 0.7.2

CVE-2019-10878 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader::GetData() and CDataFileReader::ReplaceData() and related functions in engine/shared/datafile.cpp that can lead to an arbitrary free and out-of-bounds pointer write, possibly resulting in remote code execution.

Learn more about our Web Application Penetration Testing UK.