Vulnerabilities > CVE-2006-2875 - Remote Buffer Overflow vulnerability in Quake 3 Engine CL_ParseDownload
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Stack-based buffer overflow in the CL_ParseDownload function of Quake 3 Engine 1.32c and earlier, as used in multiple products, allows remote attackers to execute arbitrary code via a svc_download command with compressed data that triggers the overflow during expansion.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Quake 3 Engine CL_ParseDownload Remote Buffer Overflow Vulnerability. CVE-2006-2875. Dos exploits for multiple platform |
| id | EDB-ID:27969 |
| last seen | 2016-02-03 |
| modified | 2006-06-05 |
| published | 2006-06-05 |
| reporter | Luigi Auriemma |
| source | https://www.exploit-db.com/download/27969/ |
| title | Quake 3 Engine CL_ParseDownload Remote Buffer Overflow Vulnerability |