
CVE-2006-3324

Published: 30/06/2006 Updated: 18/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Summary

The Automatic Downloading option in the id3 Quake 3 Engine and the Icculus Quake 3 Engine (ioquake3) before revision 804 allows remote malicious users to overwrite arbitrary files in the quake3 directory (fs_homepath cvar) via a long string of filenames, as contained in the neededpaks buffer.

Vulnerable Product

id software quake 3 engine 1.32c

id software quake 3 engine icculus_803

id software quake 3 engine

id software quake 3 engine 1.32b

id software quake 3 engine icculus_804

Vendor Advisories

Debian Bug report logs - #660834 tremulous: CVE-2006-3325 ("q3cfilevar-B") configuration overwriting Package: tremulous; Maintainer for tremulous is (unknown); Reported by: Simon McVittie <smcv@debianorg> Date: Wed, 22 Feb 2012 08:59:13 UTC Severity: grave Tags: security Found in version tremulous/110-41 Fixed in vers ...
Debian Bug report logs - #660832 tremulous: CVE-2006-3324 ("q3cfilevar-A") arbitrary file overwriting Package: tremulous; Maintainer for tremulous is (unknown); Reported by: Simon McVittie <smcv@debianorg> Date: Wed, 22 Feb 2012 08:58:41 UTC Severity: grave Tags: security Found in version tremulous/110-41 Fixed in ver ...
Debian Bug report logs - #660827 tremulous: CVE-2006-2236 ("the remapShader exploit") can lead to arbitrary code execution Package: tremulous; Maintainer for tremulous is (unknown); Reported by: Simon McVittie <smcv@debianorg> Date: Wed, 22 Feb 2012 08:39:01 UTC Severity: grave Tags: security Found in version tremulous/1 ...
Debian Bug report logs - #660836 tremulous: CVE-2011-2764, CVE-2011-3012 DLL overwriting by malicious bytecode Package: tremulous; Maintainer for tremulous is (unknown); Reported by: Simon McVittie <smcv@debianorg> Date: Wed, 22 Feb 2012 09:06:13 UTC Severity: grave Tags: security Found in version tremulous/110-41 Fix ...
Debian Bug report logs - #660831 tremulous-server: CVE-2006-2082 arbitrary file download from server Package: tremulous-server; Maintainer for tremulous-server is (unknown); Reported by: Simon McVittie <smcv@debianorg> Date: Wed, 22 Feb 2012 08:58:28 UTC Severity: grave Tags: security Found in version tremulous/110-41 ...

Exploits

/* Quake 3 Engine Client CG_ServerCommand() Remote Stack Overflow Exploit (Win32) Written by RunningBon E-Mail: runningbon@gmailcom IRC: ircrizonnet #kik This is a DLL, which gets injected into the server exe You will need Microsoft Detours library to compile this exploit (researchmicrosoftcom/sn/detours/) Use this responsibly You ...