CVE-2006-2236

2006-05-0823:02:00

mitre

web.nvd.nist.gov

buffer overflow

quake 3 engine

remote attack

cve-2006-2236

nvd

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.056

Percentile

93.3%

JSON

Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) Return to Castle Wolfenstein 1.41, and (3) Quake III Arena 1.32b allows remote attackers to execute arbitrary commands via a long remapShader command.

Affected configurations

Nvd

Node

id_softwarequake_3_arenaMatch1.32b

id_softwarequake_3_engineMatch1.32b

id_softwarereturn_to_castle_wolfensteinMatch1.41

id_softwarewolfenstein_enemy_territoryMatch2.60

VendorProductVersionCPE
id_softwarequake_3_arena1.32bcpe:2.3:a:id_software:quake_3_arena:1.32b:*:*:*:*:*:*:*
id_softwarequake_3_engine1.32bcpe:2.3:a:id_software:quake_3_engine:1.32b:*:*:*:*:*:*:*
id_softwarereturn_to_castle_wolfenstein1.41cpe:2.3:a:id_software:return_to_castle_wolfenstein:1.41:*:*:*:*:*:*:*
id_softwarewolfenstein_enemy_territory2.60cpe:2.3:a:id_software:wolfenstein_enemy_territory:2.60:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
id_software	quake_3_arena	1.32b	cpe:2.3:a:id_software:quake_3_arena:1.32b:::::::*
id_software	quake_3_engine	1.32b	cpe:2.3:a:id_software:quake_3_engine:1.32b:::::::*
id_software	return_to_castle_wolfenstein	1.41	cpe:2.3:a:id_software:return_to_castle_wolfenstein:1.41:::::::*
id_software	wolfenstein_enemy_territory	2.60	cpe:2.3:a:id_software:wolfenstein_enemy_territory:2.60:::::::*