Id · Id Tech 1 · CVE-2020-15007
**Name of the Vulnerable Software and Affected Versions**
id Tech 1 (aka Doom engine) (affected versions not specified)
**Description**
A buffer overflow in the M LoadDefaults function in m misc.c allows arbitrary code execution via an unsafe usage of fscanf, because it does not limit the number of characters to be read in a format argument.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.