id Software id Tech 4 Engine - 'idGameLocal::GetGameStateObject' Remote Code Execution Vulnerability

2010-07-21T00:00:00
ID EDB-ID:34178
Type exploitdb
Reporter Luigi Auriemma
Modified 2010-07-21T00:00:00

Description

id Software id Tech 4 Engine 'idGameLocal::GetGameStateObject()' Remote Code Execution Vulnerability. Remote exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/41001/info

id Tech 4 Engine is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

The following applications include the vulnerable engine:

Enemy Territory: Quake Wars 1.5.12642.33243 and prior
Wolfenstein 1.3.344272 and prior
Quake 4 1.4.2 and prior
Doom 3 1.3.1 and prior
Prey 1.4 and prior 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/34178.zip