Filtered by vendor Id Software
Subscribe
Total
27 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1230 | 1 Id Software | 1 Quake 2 | 2024-02-04 | 5.0 MEDIUM | N/A |
Quake 2 server allows remote attackers to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself. | |||||
CVE-1999-1229 | 1 Id Software | 1 Quake 2 Server | 2024-02-04 | 2.1 LOW | N/A |
Quake 2 server 3.13 on Linux does not properly check file permissions for the config.cfg configuration file, which allows local users to read arbitrary files via a symlink from config.cfg to the target file. | |||||
CVE-2001-1289 | 1 Id Software | 1 Quake 3 Arena | 2024-02-04 | 5.0 MEDIUM | N/A |
Quake 3 arena 1.29f and 1.29g allows remote attackers to cause a denial of service (crash) via a malformed connection packet that begins with several char-255 characters. | |||||
CVE-2002-0770 | 1 Id Software | 1 Quake 2i Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Quake 2 (Q2) server 3.20 and 3.21 allows remote attackers to obtain sensitive server cvar variables, obtain directory listings, and execute Q2 server admin commands via a client that does not expand "$" macros, which causes the server to expand the macros and leak the information, as demonstrated using "say $rcon_password." | |||||
CVE-1999-1569 | 1 Id Software | 1 Quake | 2024-02-04 | 5.0 MEDIUM | N/A |
Quake 1 and NetQuake servers allow remote attackers to cause a denial of service (resource exhaustion or forced disconnection) via a flood of spoofed UDP connection packets, which exceeds the server's player limit. | |||||
CVE-2000-0303 | 1 Id Software | 1 Quake 3 Arena | 2024-02-04 | 6.4 MEDIUM | N/A |
Quake3 Arena allows malicious server operators to read or modify files on a client via a dot dot (..) attack. | |||||
CVE-1999-1505 | 1 Id Software | 1 Quakeworld | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary commands via a long initial connect packet. |