Vulnerabilities > Openarena > Openarena > 0.8.x.16

DATE CVE VULNERABILITY TITLE RISK
2011-08-04 CVE-2011-1412 Improper Input Validation vulnerability in multiple products
sys/sys_unix.c in the ioQuake3 engine on Unix and Linux, as used in World of Padman 1.5.x before 1.5.1.1 and OpenArena 0.8.x-15 and 0.8.x-16, allows remote game servers to execute arbitrary commands via shell metacharacters in a long fs_game variable.
network
low complexity
ioquake3 openarena worldofpadman linux CWE-20
7.5
7.5