CVE-2006-3324
id3 Quake 3 Engine <804 - RCE
Title source: llmDescription
The Automatic Downloading option in the id3 Quake 3 Engine and the Icculus Quake 3 Engine (ioquake3) before revision 804 allows remote attackers to overwrite arbitrary files in the quake3 directory (fs_homepath cvar) via a long string of filenames, as contained in the neededpaks buffer.
Exploits (1)
References (10)
Scores
EPSS
0.0222
EPSS Percentile
84.6%
Details
Status
published
Products (5)
id_software/quake_3_engine
id_software/quake_3_engine
1.32b
id_software/quake_3_engine
1.32c
id_software/quake_3_engine
icculus_803
id_software/quake_3_engine
icculus_804
Published
Jun 30, 2006
Tracked Since
Feb 18, 2026