Published: 06/07/2006 Updated: 19/10/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Stack-based buffer overflow in the CG_ServerCommand function in Quake 3 Engine as used by Soldier of Fortune 2 (SOF2MP) GOLD 1.03 allows remote malicious users to cause a denial of service and possibly execute code by sending a long command from the server.

Vulnerable Product	Search on Vulmon	Subscribe to Product
id software quake 3 engine icculus_812
raven software soldier of fortune 2 1.03
id software quake 3 engine 1.32b
id software quake 3 engine 1.32c

/* Quake 3 Engine Client CG_ServerCommand() Remote Stack Overflow Exploit (Win32) Written by RunningBon E-Mail: runningbon@gmailcom IRC: ircrizonnet #kik This is a DLL, which gets injected into the server exe You will need Microsoft Detours library to compile this exploit (researchmicrosoftcom/sn/detours/) Use this responsibly You ...

NVD-CWE-Other http://www.securityfocus.com/bid/18777 http://secunia.com/advisories/20946 http://www.vupen.com/english/advisories/2006/2657 https://exchange.xforce.ibmcloud.com/vulnerabilities/27614 https://www.exploit-db.com/exploits/1976 https://nvd.nist.gov https://www.exploit-db.com/exploits/1976/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-3400

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect