Linux Distros Unpatched Vulnerability : CVE-2017-6903

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ioquake3 before 2017-03-14, the auto-downloading feature has insufficient content restrictions. This also affects Quake III Arena, OpenArena, OpenJK, iortcw,...

SUSE CVE-2006-2082

Directory traversal vulnerability in Quake 3 engine, as used in products including Quake3 Arena, Return to Castle Wolfenstein, Wolfenstein: Enemy Territory, and Star Trek Voyager: Elite Force, when the svallowdownload cvar is enabled, allows remote attackers to read arbitrary files from the serve...

SUSE CVE-2006-2236

Buffer overflow in the Quake 3 Engine, as used by 1 ET 2.60, 2 Return to Castle Wolfenstein 1.41, and 3 Quake III Arena 1.32b allows remote attackers to execute arbitrary commands via a long remapShader command...

UBUNTU-CVE-2017-6903

In ioquake3 before 2017-03-14, the auto-downloading feature has insufficient content restrictions. This also affects Quake III Arena, OpenArena, OpenJK, iortcw, and other id Tech 3 aka Quake 3 engine forks. A malicious auto-downloaded file can trigger loading of crafted auto-downloaded files as...

DEBIAN-CVE-2006-3324

The Automatic Downloading option in the id3 Quake 3 Engine and the Icculus Quake 3 Engine ioquake3 before revision 804 allows remote attackers to overwrite arbitrary files in the quake3 directory fshomepath cvar via a long string of filenames, as contained in the neededpaks buffer...

DEBIAN-CVE-2006-3325

client/clparse.c in the id3 Quake 3 Engine 1.32c and the Icculus Quake 3 Engine ioquake3 revision 810 and earlier allows remote malicious servers to overwrite arbitrary write-protected cvars variables on the client, such as clallowdownload for Automatic Downloading and fshomepath for the quake3...

DEBIAN-CVE-2006-2875

Stack-based buffer overflow in the CLParseDownload function of Quake 3 Engine 1.32c and earlier, as used in multiple products, allows remote attackers to execute arbitrary code via a svcdownload command with compressed data that triggers the overflow during expansion...

DEBIAN-CVE-2006-2082

Directory traversal vulnerability in Quake 3 engine, as used in products including Quake3 Arena, Return to Castle Wolfenstein, Wolfenstein: Enemy Territory, and Star Trek Voyager: Elite Force, when the svallowdownload cvar is enabled, allows remote attackers to read arbitrary files from the serve...

DEBIAN-CVE-2006-2236

Buffer overflow in the Quake 3 Engine, as used by 1 ET 2.60, 2 Return to Castle Wolfenstein 1.41, and 3 Quake III Arena 1.32b allows remote attackers to execute arbitrary commands via a long remapShader command...