Stack-based buffer overflow in the CL_ParseDownload function of Quake 3 Engine 1.32c and previous versions, as used in multiple products, allows remote malicious users to execute arbitrary code via a svc_download command with compressed data that triggers the overflow during expansion.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
id software quake 3 engine |