2020-06-22 19:13:34
mitre
PUBLISHED
The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesnt validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the servers stack.