296,317
Total vulnerabilities in the database
client/cl_parse.c in the id3 Quake 3 Engine 1.32c and the Icculus Quake 3 Engine (ioquake3) revision 810 and earlier allows remote malicious servers to overwrite arbitrary write-protected cvars variables on the client, such as cl_allowdownload for Automatic Downloading and fs_homepath for the quake3 path, via a string of cvar names and values sent from the server. NOTE: this can be combined with another vulnerability to overwrite arbitrary files.
| Software | From | Fixed in |
|---|---|---|
| id_software / quake_3_engine | icculus_808 | icculus_808.x |
| id_software / quake_3_engine | icculus_809 | icculus_809.x |
| id_software / quake_3_engine | icculus_807 | icculus_807.x |
| id_software / quake_3_engine | icculus_803 | icculus_803.x |
| id_software / quake_3_engine | icculus_805 | icculus_805.x |
| id_software / quake_3_engine | - | - |
| id_software / quake_3_engine | 1.32b | 1.32b.x |
| id_software / quake_3_engine | icculus_806 | icculus_806.x |
| id_software / quake_3_engine | icculus_810 | icculus_810.x |
| id_software / quake_3_engine | 1.32c | 1.32c.x |
| id_software / quake_3_engine | icculus_804 | icculus_804.x |