CVE-2006-2236

ID Software Quake 3 Arena - Buffer Overflow

Title source: rule

Description

Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) Return to Castle Wolfenstein 1.41, and (3) Quake III Arena 1.32b allows remote attackers to execute arbitrary commands via a long remapShader command.

Exploits (1)

exploitdb WORKING POC VERIFIED

by landser · cremotelinux

https://www.exploit-db.com/exploits/1750

View Code ZIP pw:eip

References (9)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/433349/100/0/threaded

[Patch, Vendor Advisory] http://secunia.com/advisories/19984

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/1676

[Exploit] http://www.securityfocus.com/bid/17857

[Third Party Advisory] http://www.gentoo.org/security/en/glsa/glsa-200605-12.xml

[Third Party Advisory] http://secunia.com/advisories/20065

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/26264

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/1750

[Third Party Advisory, VDB Entry] http://www.osvdb.org/25279

Scores

EPSS 0.0406

EPSS Percentile 88.6%

Details

Status published

Products (4)

id_software/quake_3_arena 1.32b

id_software/quake_3_engine 1.32b

id_software/return_to_castle_wolfenstein 1.41

id_software/wolfenstein_enemy_territory 2.60

Published May 08, 2006

Tracked Since Feb 18, 2026