A vulnerability has been discovered in PLIB, which can be
exploited by malicious people to compromise an application
using the library. The vulnerability is caused due to a
boundary error within the "ulSetError()" function
(src/util/ulError.cxx) when creating the error message,
which can be exploited to overflow a static buffer.
Successful exploitation allows the execution of arbitrary
code but requires that the attacker can e.g. control the
content of an overly long error message passed to the
"ulSetError()" function.
The vulnerability is confirmed in version 1.8.5. Other
versions may also be affected.
Originally reported in TORCS by Andres Gomez.