CVE-2006-3324

CVE-2006-3324 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

The Automatic Downloading option in the id3 Quake 3 Engine and the Icculus Quake 3 Engine (ioquake3) before revision 804 allows remote attackers to overwrite arbitrary files in the quake3 directory (fs_homepath cvar) via a long string of filenames, as contained in the neededpaks buffer.

Learn more about our Web Application Penetration Testing UK.