Candidate: CVE-2012-1189
PublicDate: 2012-10-08 18:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1189
 http://seclists.org/oss-sec/2012/q1/440
Description:
 Stack-based buffer overflow in modules/graphic/ssgraph/grsound.cpp in The
 Open Racing Car Simulator (TORCS) before 1.3.3 and Speed Dreams allows
 user-assisted remote attackers to execute arbitrary code via a long file
 name in an engine sample attribute in an xml configuration file.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=660555
Priority: medium
Discovered-by: Andrés Gómez
Assigned-to:
CVSS: 

Patches_torcs:
upstream_torcs: released (1.3.3-1)
hardy_torcs: ignored (reached end-of-life)
lucid_torcs: ignored (reached end-of-life)
maverick_torcs: ignored (reached end-of-life)
natty_torcs: ignored (reached end-of-life)
oneiric_torcs: ignored (reached end-of-life)
precise_torcs: ignored (reached end-of-life)
precise/esm_torcs: DNE (precise was needed)
quantal_torcs: not-affected (1.3.3-4)
raring_torcs: not-affected (1.3.3-4)
saucy_torcs: not-affected (1.3.3-4)
trusty_torcs: not-affected (1.3.3-4)
trusty/esm_torcs: DNE (trusty was not-affected [1.3.3-4])
utopic_torcs: not-affected (1.3.3-4)
vivid_torcs: not-affected (1.3.3-4)
vivid/stable-phone-overlay_torcs: DNE
vivid/ubuntu-core_torcs: DNE
wily_torcs: not-affected (1.3.3-4)
xenial_torcs: not-affected (1.3.3-4)
yakkety_torcs: not-affected (1.3.3-4)
zesty_torcs: not-affected (1.3.3-4)
devel_torcs: not-affected (1.3.3-4)