
CVE-2011-2764

Published: 04/08/2011 Updated: 09/10/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

The FS_CheckFilenameIsNotExecutable function in qcommon/files.c in the ioQuake3 engine 1.36 and previous versions, as used in World of Padman, Smokin' Guns, OpenArena, Tremulous, and ioUrbanTerror, does not properly determine dangerous file extensions, which allows remote malicious users to execute arbitrary code via a crafted third-party addon that creates a Trojan horse DLL file.

Vulnerable Product

ioquake3 ioquake3 engine 1.36

worldofpadman world of padman

tremulous tremulous

urbanterror iourbanterror

ioquake3 ioquake3 engine

smokin-guns smokin' guns

openarena openarena

Vendor Advisories

Debian Bug report logs - #660834 tremulous: CVE-2006-3325 ("q3cfilevar-B") configuration overwriting Package: tremulous; Maintainer for tremulous is (unknown); Reported by: Simon McVittie <smcv@debian.org> Date: Wed, 22 Feb 2012 08:59:13 UTC Severity: grave Tags: security Found in version tremulous/110-41 Fixed in vers ...
Debian Bug report logs - #660832 tremulous: CVE-2006-3324 ("q3cfilevar-A") arbitrary file overwriting Package: tremulous; Maintainer for tremulous is (unknown); Reported by: Simon McVittie <smcv@debian.org> Date: Wed, 22 Feb 2012 08:58:41 UTC Severity: grave Tags: security Found in version tremulous/110-41 Fixed in ver ...
Debian Bug report logs - #660827 tremulous: CVE-2006-2236 ("the remapShader exploit") can lead to arbitrary code execution Package: tremulous; Maintainer for tremulous is (unknown); Reported by: Simon McVittie <smcv@debian.org> Date: Wed, 22 Feb 2012 08:39:01 UTC Severity: grave Tags: security Found in version tremulous/1 ...
Debian Bug report logs - #660836 tremulous: CVE-2011-2764, CVE-2011-3012 DLL overwriting by malicious bytecode Package: tremulous; Maintainer for tremulous is (unknown); Reported by: Simon McVittie <smcv@debian.org> Date: Wed, 22 Feb 2012 09:06:13 UTC Severity: grave Tags: security Found in version tremulous/110-41 Fix ...
Debian Bug report logs - #660831 tremulous-server: CVE-2006-2082 arbitrary file download from server Package: tremulous-server; Maintainer for tremulous-server is (unknown); Reported by: Simon McVittie <smcv@debian.org> Date: Wed, 22 Feb 2012 08:58:28 UTC Severity: grave Tags: security Found in version tremulous/110-41 ...

Exploits

Multiple games using the Quake engine suffer from remote shell injection and code execution vulnerabilities ...