gMotor2 Game Engine Multiple Vulnerabilities
BID:25358
Info
gMotor2 Game Engine Multiple Vulnerabilities
| Bugtraq ID: | 25358 |
| Class: | Unknown |
| CVE: |
CVE-2007-4445 CVE-2007-4444 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 18 2007 12:00AM |
| Updated: | Jul 05 2016 10:00PM |
| Credit: | Luigi Auriemma is credited with the discovery of this issue. |
| Vulnerable: |
SimBin Development Team RACE - The WTCC Game 07 0 SimBin Development Team GTR - FIA GT Racing Game 0 SimBin Development Team GT Legends 0 rFactor rFactor 1250 rFactor rFactor 1150 Image Space Incorporated gMotor2 - game engine 0 Electronic Arts Inc. F1 Challenge 99-02 0 10TACLE STUDIOS AG BMW M3 Challenge 0 |
| Not Vulnerable: | |
Discussion
gMotor2 Game Engine Multiple Vulnerabilities
The gMotor2 game engine is prone to multiple code-execution and denial-of-service vulnerabilities. Four vulnerabilities were reported.
These vulnerabilities may be triggered by malicious client requests to games that use the affected engine, including rFactor. Successful exploits could crash a game server or let remote attackers execute arbitrary code on the computer hosting affected software.
NOTE: This BID originally stated that the vulnerabilities were in the rFactor game. New information shows that the gMotor2 game engine and multiple games that use the engine are vulnerable. This BID was updated to reflect this new information.
The gMotor2 game engine is prone to multiple code-execution and denial-of-service vulnerabilities. Four vulnerabilities were reported.
These vulnerabilities may be triggered by malicious client requests to games that use the affected engine, including rFactor. Successful exploits could crash a game server or let remote attackers execute arbitrary code on the computer hosting affected software.
NOTE: This BID originally stated that the vulnerabilities were in the rFactor game. New information shows that the gMotor2 game engine and multiple games that use the engine are vulnerable. This BID was updated to reflect this new information.
Exploit / POC
gMotor2 Game Engine Multiple Vulnerabilities
The following exploit code is available:
The following exploit code is available:
Solution / Fix
gMotor2 Game Engine Multiple Vulnerabilities
Solution:
An update was released to address this issue. Please see the references for more information.
rFactor rFactor 1250
rFactor rFactor 1150
Solution:
An update was released to address this issue. Please see the references for more information.
rFactor rFactor 1250
-
rFactor rFactor1255Update.7z
http://rapidshare.com/files/57485749/rFactor1255Update.7z
rFactor rFactor 1150
-
rFactor rFactor1255Update.7z
http://rapidshare.com/files/57485749/rFactor1255Update.7z
References
gMotor2 Game Engine Multiple Vulnerabilities
References:
References:
- rF v1255 update (Race Sim Central)
- Vendor Homepage (Image Space Incorporated)
- Multiple vulnerabilities in rFactor 1.250 (Luigi Auriemma
- Multiple vulnerabilities in the gMotor2 engine (Luigi Auriemma)
- Re: Multiple vulnerabilities in rFactor 1.250 (superfreak)