Lucene search

[email protected]CVE-2006-3401

HistoryJul 06, 2006 - 8:05 p.m.

CVE-2006-3401

2006-07-0620:05:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2006-3401

quake 3 engine

buffer overflow

denial of service

code execution

nvd

8.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.104 Low

EPSS

Percentile

94.9%

JSON

Stack-based buffer overflow in Quake 3 Engine as used by Quake 3: Arena 1.32b and 1.32c allows remote attackers to cause a denial of service and possibly execute code via long CS_ITEMS values.

CPENameOperatorVersion
id_software:quake_3_engineid software quake 3 engineeqicculus_812
id_software:quake_3_engineid software quake 3 engineeq1.32b
id_software:quake_3_engineid software quake 3 engineeq1.32c

CPE	Name	Operator	Version
id_software:quake_3_engine	id software quake 3 engine	eq	icculus_812
id_software:quake_3_engine	id software quake 3 engine	eq	1.32b
id_software:quake_3_engine	id software quake 3 engine	eq	1.32c

References

secunia.com/advisories/20946

secunia.com/advisories/20961

www.securityfocus.com/bid/18777

www.vupen.com/english/advisories/2006/2657

www.vupen.com/english/advisories/2006/2684

exchange.xforce.ibmcloud.com/vulnerabilities/27616

www.exploit-db.com/exploits/1977

8.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.104 Low

EPSS

Percentile

94.9%

JSON