{
  "id": "CVE-2020-14938",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2020-06-23T10:15:10.203",
  "lastModified": "2024-11-21T05:04:28.870",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in map.c in FreedroidRPG 1.0rc2. It assumes lengths of data sets read from saved game files. It copies data from a file into a fixed-size heap-allocated buffer without size verification, leading to a heap-based buffer overflow."
    },
    {
      "lang": "es",
      "value": "Se detect\u00f3 un problema en el archivo map.c en FreedroidRPG versi\u00f3n 1.0rc2. Asume longitudes de conjuntos de datos le\u00eddos desde archivos de juego guardados. Copia datos desde un archivo en un b\u00fafer de tama\u00f1o fijo asignado a la pila sin verificaci\u00f3n de tama\u00f1o, conllevando a un desbordamiento del b\u00fafer en el regi\u00f3n heap de la memoria"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "baseScore": 7.5,
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL"
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:freedroid:freedroidrpg:1.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "BAFB35D5-E022-4A18-824B-0D48BC98A0AA"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://bugs.freedroid.org/b/issue951",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://logicaltrust.net/blog/2020/02/freedroid.html",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://bugs.freedroid.org/b/issue951",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://logicaltrust.net/blog/2020/02/freedroid.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    }
  ]
}