Lucene search
HistoryJun 07, 2006 - 12:02 a.m.
CVE-2006-2875
cve-2006-2875
buffer overflow
quake 3 engine
remote code execution
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.1 High
AI Score
Confidence
High
0.167 Low
EPSS
Percentile
96.1%
Stack-based buffer overflow in the CL_ParseDownload function of Quake 3 Engine 1.32c and earlier, as used in multiple products, allows remote attackers to execute arbitrary code via a svc_download command with compressed data that triggers the overflow during expansion.
Affected configurations
Node
id_softwarequake_3_engineRange≤1.32c
| CPE | Name | Operator | Version |
|---|---|---|---|
| id_software:quake_3_engine | id software quake 3 engine | le | 1.32c |
Related
debiancve
debiancve
CVE-2006-2875
2006-06-07 00:02:00
cvelist
cvelist
CVE-2006-2875
2006-06-07 00:00:00
nvd
nvd
CVE-2006-2875
2006-06-07 00:02:00
prion
prion
Stack overflow
2006-06-07 00:02:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.1 High
AI Score
Confidence
High
0.167 Low
EPSS
Percentile
96.1%
Related for CVE-2006-2875