RSS   Vulnerabilities for 'Quake 4'   RSS

2007-10-06
 
CVE-2007-5248

CWE-134
 

 
Multiple format string vulnerabilities in the ID Software Doom 3 engine, as used by Doom 3 1.3.1 and earlier, Quake 4 1.4.2 and earlier, and Prey 1.3 and earlier, when Punkbuster (PB) is enabled, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in (1) a PB_Y packet to the YPG server or (2) a PB_U packet to UCON. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain.

 

 >>> Vendor: Id software 15 Products
Quake 2 server
Quake 2
Quake
Quakeworld
Quake 3 arena
Quake 2i server
Quake ii server
Quake ii server windows
Quake ii server linux
Quake 3 engine
Return to castle wolfenstein
Quake 3 arena server
Wolfenstein enemy territory
Doom 3
Quake 4


Copyright 2024, cxsecurity.com

 

Back to Top