Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Panda3D <= 1.10.16 egg-mkfont Stack Buffer Overflow
Vulnerability Description
Panda3D versions up to and including 1.10.16 egg-mkfont contains a stack-based buffer overflow vulnerability due to use of an unbounded sprintf() call with attacker-controlled input. When constructing glyph filenames, egg-mkfont formats a user-supplied glyph pattern (-gp) into a fixed-size stack buffer without length validation. Supplying an excessively long glyph pattern string can overflow the stack buffer, resulting in memory corruption and a deterministic crash. Depending on build configuration and execution environment, the overflow may also be exploitable for arbitrary code execution.
CVSS Information
N/A
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
Panda3D 安全漏洞
Vulnerability Description
Panda3D是Panda3D开源的一个跨平台游戏引擎。 Panda3D 1.10.16及之前版本存在安全漏洞,该漏洞源于egg-mkfont使用无界sprintf调用,可能导致栈缓冲区溢出、内存损坏或任意代码执行。
CVSS Information
N/A
Vulnerability Type
N/A