Stack-based buffer overflow in the CL_ParseDownload function of Quake 3 Engine 1.32c and earlier, as used in multiple products, allows remote attackers to execute arbitrary code via a svc_download command with compressed data that triggers the overflow during expansion.
CPE | Name | Operator | Version |
---|---|---|---|
quake_3_engine | eq | <= 1.32c |