Filtered by vendor Id Software
Subscribe
Total
27 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2593 | 1 Id Software | 1 Quake Ii Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in command-packet processing of Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a packet with a long cmd_args buffer. | |||||
| CVE-2004-2594 | 1 Id Software | 1 Quake Ii Server Windows | 2025-04-03 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in Quake II server before R1Q2 on Windows, as used in multiple products, allows remote attackers to read arbitrary files via a "\/" in a pathname argument, as demonstrated by "download \/server.cfg". | |||||
| CVE-2006-3401 | 1 Id Software | 1 Quake 3 Engine | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in Quake 3 Engine as used by Quake 3: Arena 1.32b and 1.32c allows remote attackers to cause a denial of service and possibly execute code via long CS_ITEMS values. | |||||
| CVE-2004-2597 | 1 Id Software | 1 Quake Ii Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Quake II server before R1Q2, as used in multiple products, allows remote attackers to bypass IP-based access control rules via a userinfo string that already contains an "ip" key/value pair but is also long enough to cause a new key/value pair to be truncated, which interferes with the server's ability to find the client's IP address. | |||||
| CVE-2004-2598 | 1 Id Software | 1 Quake Ii Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Quake II server before R1Q2, as used in multiple products, allows remote attackers to corrupt the server's client state data structure by exiting a session without a valid disconnect command, then reconnecting, which prevents a mod from being notified of changes in the client state. NOTE: the impact of this issue will vary depending on which mod is being used. | |||||
| CVE-1999-1505 | 1 Id Software | 1 Quakeworld | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary commands via a long initial connect packet. | |||||
| CVE-2006-2082 | 1 Id Software | 1 Quake 3 Engine | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Quake 3 engine, as used in products including Quake3 Arena, Return to Castle Wolfenstein, Wolfenstein: Enemy Territory, and Star Trek Voyager: Elite Force, when the sv_allowdownload cvar is enabled, allows remote attackers to read arbitrary files from the server via ".." sequences in a .pk3 file request. | |||||