PT-2006-4217 · Id+1 · Id3 Quake 3 Engine+1

Luigi Auriemma

Publicado

2006-06-30

Atualizado

2018-10-18

CVE-2006-3324

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions id3 Quake 3 Engine versions prior to revision 804 Icculus Quake 3 Engine (ioquake3) versions prior to revision 804

Description The issue allows remote attackers to overwrite arbitrary files in the quake3 directory, which is specified by the fs homepath cvar, by providing a long string of filenames in the neededpaks buffer.

Recommendations For id3 Quake 3 Engine versions prior to revision 804, update to revision 804 or later. For Icculus Quake 3 Engine (ioquake3) versions prior to revision 804, update to revision 804 or later.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-3324

Produtos afetados

Id3 Quake 3 Engine

Ioquake3

PT-2006-4217 · Id+1 · Id3 Quake 3 Engine+1

CVE-2006-3324

Identificadores relacionados

Produtos afetados

Referências · 15