CVE-2006-3401

Name of the Vulnerable Software and Affected Versions Quake 3: Arena versions 1.32b through 1.32c

Description The issue is a stack-based buffer overflow in the Quake 3 Engine, which can be exploited by remote attackers to cause a denial of service and potentially execute code. This is achieved by sending long CS ITEMS values.

Recommendations For Quake 3: Arena versions 1.32b through 1.32c, consider restricting access to the game server to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using long CS ITEMS values in the game. At the moment, there is no information about a newer version that contains a fix for this issue.