Teeworlds: Remote execution of arbitrary code on client Teeworlds client vulnerability in snap handling could result in execution of arbitrary code. teeworlds 2017-05-26 2017-05-26 600178 remote 0.6.4 0.6.4

Teeworlds is an online multi-player platform 2D shooter.

Teeworlds client contains a vulnerability allowing a malicious server to execute arbitrary code, or write to arbitrary physical memory via the CClient::ProcessServerPacket method.

A remote malicious server can write to arbitrary physical memory locations and possibly execute arbitrary if a vulnerable client joins the server.

There is no known workaround at this time.

All Teeworlds users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=games-action/teeworlds-0.6.4:0" CVE-2016-9400 BlueKnight BlueKnight