Vulnerabilities > ID Software
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-07-17 | CVE-1999-1569 | Denial of Service vulnerability in ID Software Quake 1.9 Quake 1 and NetQuake servers allow remote attackers to cause a denial of service (resource exhaustion or forced disconnection) via a flood of spoofed UDP connection packets, which exceeds the server's player limit. | 5.0 |
| 2000-11-01 | CVE-2000-1080 | Quake 1 (quake1) and ProQuake 1.01 and earlier allow remote attackers to cause a denial of service via a malformed (empty) UDP packet. | 5.0 |
| 2000-05-03 | CVE-2000-0303 | Unspecified vulnerability in ID Software Quake 3 Arena 1.16N Quake3 Arena allows malicious server operators to read or modify files on a client via a dot dot (..) attack. | 6.4 |
| 1998-04-08 | CVE-1999-1502 | Unspecified vulnerability in ID Software Quake 1.9 Buffer overflows in Quake 1.9 client allows remote malicious servers to execute arbitrary commands via long (1) precache paths, (2) server name, (3) server address, or (4) argument to the map console command. | 7.5 |
| 1998-04-07 | CVE-1999-1505 | Unspecified vulnerability in ID Software Quakeworld 2.10 Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary commands via a long initial connect packet. | 7.5 |
| 1998-02-25 | CVE-1999-1229 | Unspecified vulnerability in ID Software Quake 2 Server Quake 2 server 3.13 on Linux does not properly check file permissions for the config.cfg configuration file, which allows local users to read arbitrary files via a symlink from config.cfg to the target file. | 2.1 |
| 1997-12-24 | CVE-1999-1230 | Unspecified vulnerability in ID Software Quake 2 Quake 2 server allows remote attackers to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself. | 5.0 |