2 matches found
CVE-2004-2594
CVE-2004-2594 affects the Quake II server on Windows prior to R1Q2. The vulnerability is an absolute path traversal in the server’s file access, allowing a remote attacker to read arbitrary files by including a "/" sequence in a pathname (example: download /server.cfg). The CVSS data indicates ne...
CVE-2004-2594
Absolute path traversal vulnerability in Quake II server before R1Q2 on Windows, as used in multiple products, allows remote attackers to read arbitrary files via a "/" in a pathname argument, as demonstrated by "download /server.cfg"...