CVE

Id
19428  
CVE No.
CVE-2006-3324  
Status
Candidate  
Description
The Automatic Downloading option in the id3 Quake 3 Engine and the Icculus Quake 3 Engine (ioquake3) before revision 804 allows remote attackers to overwrite arbitrary files in the quake3 directory (fs_homepath cvar) via a long string of filenames, as contained in the neededpaks buffer.  
Phase
Assigned (20060630)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
174359 19428 CVE-2006-3324 BUGTRAQ:20060627 Files and cvars overwriting in Quake 3 engine (1.32c / rev 803 / ...)  View
174360 19428 CVE-2006-3324 URL:http://www.securityfocus.com/archive/1/archive/1/438515/100/0/threaded  View
174361 19428 CVE-2006-3324 BUGTRAQ:20060628 Re: Files and cvars overwriting in Quake 3 engine (1.32c / rev 803 / ...)  View
174362 19428 CVE-2006-3324 URL:http://www.securityfocus.com/archive/1/archive/1/438660/100/0/threaded  View
174363 19428 CVE-2006-3324 MISC:http://aluigi.altervista.org/adv/q3cfilevar-adv.txt  View
174364 19428 CVE-2006-3324 CONFIRM:http://svn.icculus.org/quake3?rev=804&view=rev  View
174365 19428 CVE-2006-3324 BID:18685  View
174366 19428 CVE-2006-3324 URL:http://www.securityfocus.com/bid/18685  View
174367 19428 CVE-2006-3324 VUPEN:ADV-2006-2569  View
174368 19428 CVE-2006-3324 URL:http://www.vupen.com/english/advisories/2006/2569  View
174369 19428 CVE-2006-3324 SECUNIA:20401  View
174370 19428 CVE-2006-3324 URL:http://secunia.com/advisories/20401  View
174371 19428 CVE-2006-3324 SECUNIA:20851  View
174372 19428 CVE-2006-3324 URL:http://secunia.com/advisories/20851  View
174373 19428 CVE-2006-3324 SREASON:1171  View
174374 19428 CVE-2006-3324 URL:http://securityreason.com/securityalert/1171  View
174375 19428 CVE-2006-3324 XF:quake3-cvar-file-overwrite(27486)  View

Related JVN