Xfire 1.64 and earlier allows remote attackers to cause a denial of service (client application crash) via a long string to UDP port 25777.Referenceshttps://www.exploit-db.com/exploits/2571http://www.securityfocus.com/bid/20548https://exchange.xforce.ibmcloud.com/vulnerabilities/29602
