CVE-2018-1000524
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-1000524
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-1000524.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2018-1000524
- Published
- 2018-06-26T16:29:01.507Z
- Modified
- 2025-12-04T04:47:06.972956Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
miniSphere version 5.2.9 and earlier contains a Integer Overflow vulnerability in layerresize() function in mapengine.c that can result in remote denial of service. This attack appear to be exploitable via the victim must load a specially-crafted map which calls SetLayerSize in its entry script. This vulnerability appears to have been fixed in 5.0.3, 5.1.5, 5.2.10 and later.
- References
Affected packages
Git / github.com/fatcerberus/minisphere
Git / github.com/spheredev/neosphere
Affected ranges
- Type
- GIT
- Repo
- https://github.com/spheredev/neosphere
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
v1.*
v1.0
v1.0.1
v1.0.10
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.0.7
v1.0.8
v1.0.9
v1.0b1
v1.0b2
v1.0b3
v1.0b4
v1.0b5
v1.1
v1.1.1
v1.1.2
v1.1.3
v1.1.4
v1.1.5
v1.1.6
v1.1b1
v1.1b2
v1.1b3
v1.1b4
v1.1b5
v1.2
v1.2.1
v1.2.2
v1.2.3
v1.2b1
v1.3.0
v1.3.1
v1.3.2
v1.4.0
v1.4.1
v1.4.2
v1.4.3
v1.4.4
v1.4.5
v1.4.6
v1.4.7
v1.5.0
v1.5.1
v1.5.2
v1.5.3
v1.6.0
v1.6.1
v1.7.0
v1.7.1
v1.7.10
v1.7.11
v1.7.2
v1.7.3
v1.7.4
v1.7.5
v1.7.6
v1.7.7
v1.7.8
v1.7.9
v2.*
v2.0.0
v2.0b1
v2.0b2
v2.1.0
v2.1.5
v2.1.6
v3.*
v3.0.0
v3.0.1
v3.0.2
v3.0.3
v3.0.4
v3.0.5
v3.0.6
v3.0.7
v3.0.8
v3.0b1
v3.0b2
v3.0b3
v3.0b4
v3.0rc1
v3.0rc2
v3.0rc3
v3.0rc4
v3.0rc5
v3.0rc6
v3.1.0
v3.1.1
v3.1.2
v3.2.0
v3.3.0
v4.*
v4.0.0
v4.0.1
v4.0b1
v4.1.0
v4.1.1
v4.2.0
v4.2.1
v4.2.2
v4.2.3
v4.2.4
v4.3.0
v4.3.1
v4.3.2
v4.3.3
v4.3.4
v4.3.5
v4.3.6
v4.3.7
v4.3.8
v4.4.0
v4.4.1
v4.4.2
v4.4.3
v4.4.4
v4.5.0
v4.5.1
v4.5.10
v4.5.11
v4.5.2
v4.5.3
v4.5.4
v4.5.5
v4.5.6
v4.5.7
v4.5.8
v4.5.9
v4.6.0
v4.7.0
v4.7.1
v4.7.2
v4.8.0
v4.8.1
v4.8.2
v4.8.3
v4.8.4
v5.*
v5.0.0
v5.0.1
v5.0b1
v5.0b2
v5.0b3
v5.0b4
v5.0rc
v5.1.0
v5.1.1
v5.1.2
v5.1.3
v5.2.0
v5.2.1
v5.2.2
v5.2.3
v5.2.4
v5.2.5
v5.2.6
v5.2.7
v5.2.8
v5.2.9
v5.2b1
v5.2b2
v5.2b3
Database specific
vanir_signatures
[
{
"signature_type": "Function",
"source": "https://github.com/spheredev/neosphere/commit/252c1ca184cb38e1acb917aa0e451c5f08519996",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-1000524-198c9aba",
"target": {
"file": "src/minisphere/map_engine.c",
"function": "layer_resize"
},
"digest": {
"length": 1901.0,
"function_hash": "170143517028032342080500132422817848451"
}
},
{
"signature_type": "Line",
"source": "https://github.com/spheredev/neosphere/commit/252c1ca184cb38e1acb917aa0e451c5f08519996",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-1000524-73705c73",
"target": {
"file": "src/minisphere/map_engine.c"
},
"digest": {
"line_hashes": [
"149958430812384459259757553598581749244",
"9081871458178161176301530231438279178",
"94692261392162295954089957543841421114",
"113177196593337940257210890880753596294",
"239666405935656265764775373556150290491",
"101309720562719714366408607530795296325",
"324061058745041853944051923312819771606",
"111694402351152506158887848947322168459"
],
"threshold": 0.9
}
}
]