The ZCom_BitStream::Deserialize function in Zoidcom 1.0 beta 4 and earlier allows remote attackers to cause a denial of service via a crafted UDP packet with a large size value, which causes a memory allocation error or an out-of-bounds read.
Zoidcom ZCom_BitStream::Deserialize Function Remote Overflow DoS
Remote / Network Access
Denial of Service, Loss of Integrity, Loss of Availability
A remote overflow exists in Zoidcom. The ZCom_BitStream::Deserialize function fails to validate packet size data, resulting in a buffer overflow. With a specially crafted request, an attacker can cause a denial of service, resulting in a loss of availability.
Upgrade to version 1.0 beta 5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
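The size validation whose absence is described above, as an added example that is not Zoidcom's code: a deserializer that checks the sender-declared size against a fixed cap and against the bytes actually received before it allocates or reads. The wire format (4-byte big-endian bit count followed by the payload), the 1400-byte cap, and all names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical wire format (an assumption, not Zoidcom's real layout):
 *   bytes 0..3  big-endian payload size in bits, as declared by the sender
 *   bytes 4..   payload */
#define HDR_LEN   4u
#define MAX_BITS  (1400u * 8u)   /* assumed cap: one UDP datagram's worth */

typedef struct { uint8_t *data; size_t bits; } bitstream;

enum { DS_OK = 0, DS_SHORT = -1, DS_TOO_LARGE = -2, DS_TRUNCATED = -3, DS_NOMEM = -4 };

/* Copies the payload into out only after the declared size has been
 * checked against both a fixed cap and the bytes actually received. */
int bitstream_deserialize(const uint8_t *pkt, size_t pkt_len, bitstream *out)
{
    out->data = NULL;
    out->bits = 0;
    if (pkt == NULL || pkt_len < HDR_LEN)
        return DS_SHORT;                      /* header itself incomplete */

    uint32_t bits = ((uint32_t)pkt[0] << 24) | ((uint32_t)pkt[1] << 16) |
                    ((uint32_t)pkt[2] << 8)  |  (uint32_t)pkt[3];
    if (bits > MAX_BITS)
        return DS_TOO_LARGE;                  /* rejects oversized allocations */

    size_t bytes = ((size_t)bits + 7u) / 8u;  /* cannot overflow: bits is capped */
    if (bytes > pkt_len - HDR_LEN)
        return DS_TRUNCATED;                  /* would read past the datagram */

    out->data = malloc(bytes ? bytes : 1);
    if (out->data == NULL)
        return DS_NOMEM;                      /* allocation failure is reported, not fatal */
    memcpy(out->data, pkt + HDR_LEN, bytes);
    out->bits = bits;
    return DS_OK;
}
```

Both failure modes named in the description map to a distinct return code here: an oversized declared value is rejected before allocation, and a declared size larger than the datagram is rejected before any read.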