PT-2006-3204 · Id · Quake Iii Arena+3

Landser

Published

2006-05-08

Updated

2024-06-15

CVE-2006-2236

CVSS v2.0

7.6

High

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Quake III Arena version 1.32b ET version 2.60 Return to Castle Wolfenstein version 1.41

Description The issue is a buffer overflow in the Quake 3 Engine. This allows remote attackers to execute arbitrary commands via a long remapShader command.

Recommendations For Quake III Arena version 1.32b, consider disabling the remapShader command until a patch is available. For ET version 2.60, restrict access to the remapShader functionality to minimize the risk of exploitation. For Return to Castle Wolfenstein version 1.41, avoid using the remapShader command in the affected API endpoint until the issue is resolved.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-2236

OPENSUSE-SU-2024:10863-1

Affected Products

Quake 3 Engine

Quake Iii Arena

Return To Castle Wolfenstein

PT-2006-3204 · Id · Quake Iii Arena+3

CVE-2006-2236

Related Identifiers

Affected Products

References · 16