[原文]Buffer overflow in XBoard 4.2.7 and earlier might allow local users to execute arbitrary code via a long -icshost command line argument. NOTE: since the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability.
A local overflow exists in XBoard. The -icshost command-line option fails to validate user input resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.