Vulnerability CVE-2011-2764
Published: 2011-08-03   Modified: 2012-02-13

Description:
The FS_CheckFilenameIsNotExecutable function in qcommon/files.c in the ioQuake3 engine 1.36 and earlier, as used in World of Padman, Smokin' Guns, OpenArena, Tremulous, and ioUrbanTerror, does not properly determine dangerous file extensions, which allows remote attackers to execute arbitrary code via a crafted third-party addon that creates a Trojan horse DLL file.

See advisories in our WLB2 database:
Topic
Author
Date
High
ioQuake3 Remote shell injection
Thilo Schulz
06.08.2011

Type:

CWE-20

 (Improper Input Validation)

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Worldofpadman -> World of padman 
Urbanterror -> Iourbanterror 
Tremulous -> Tremulous 
Smokin-guns -> Smokin' guns 
Openarena -> Openarena 
Ioquake3 -> Ioquake3 engine 

 References:
http://archives.neohapsis.com/archives/fulldisclosure/2011-07/0338.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063460.html
http://securityreason.com/securityalert/8324
http://svn.icculus.org/quake3?view=rev&revision=2098
http://thilo.tjps.eu/download/patches/ioq3-svn-r2098.diff
http://www.securityfocus.com/archive/1/519051/100/0/threaded
http://www.securityfocus.com/bid/48915
https://bugzilla.redhat.com/show_bug.cgi?id=725951
https://exchange.xforce.ibmcloud.com/vulnerabilities/68870
https://security.gentoo.org/glsa/201706-23
Copyright 2024, cxsecurity.com

 

Back to Top