Vulnerabilities > ID Software > Quake 3 Engine > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-07-06 | CVE-2006-3401 | Buffer Errors vulnerability in ID Software Quake 3 Engine 1.32B/1.32C/Icculus812 Stack-based buffer overflow in Quake 3 Engine as used by Quake 3: Arena 1.32b and 1.32c allows remote attackers to cause a denial of service and possibly execute code via long CS_ITEMS values. | 7.5 |
| 2006-07-06 | CVE-2006-3400 | Stack Buffer Overflow vulnerability in Quake 3 Engine Client Stack-based buffer overflow in the CG_ServerCommand function in Quake 3 Engine as used by Soldier of Fortune 2 (SOF2MP) GOLD 1.03 allows remote attackers to cause a denial of service and possibly execute code by sending a long command from the server. | 7.5 |
| 2006-06-07 | CVE-2006-2875 | Remote Buffer Overflow vulnerability in Quake 3 Engine CL_ParseDownload Stack-based buffer overflow in the CL_ParseDownload function of Quake 3 Engine 1.32c and earlier, as used in multiple products, allows remote attackers to execute arbitrary code via a svc_download command with compressed data that triggers the overflow during expansion. | 7.5 |
| 2006-05-10 | CVE-2006-2082 | Information Disclosure vulnerability in Quake 3 Engine Server Directory traversal vulnerability in Quake 3 engine, as used in products including Quake3 Arena, Return to Castle Wolfenstein, Wolfenstein: Enemy Territory, and Star Trek Voyager: Elite Force, when the sv_allowdownload cvar is enabled, allows remote attackers to read arbitrary files from the server via ".." sequences in a .pk3 file request. | 7.5 |
| 2006-05-08 | CVE-2006-2236 | Remote Buffer Overflow vulnerability in Quake 3 Engine remapShader Command Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) Return to Castle Wolfenstein 1.41, and (3) Quake III Arena 1.32b allows remote attackers to execute arbitrary commands via a long remapShader command. | 7.6 |