Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
client/cl_parse.c in the id3 Quake 3 Engine 1.32c and the Icculus Quake 3 Engine (ioquake3) revision 810 and earlier allows remote malicious servers to overwrite arbitrary write-protected cvars variables on the client, such as cl_allowdownload for Automatic Downloading and fs_homepath for the quake3 path, via a string of cvar names and values sent from the server. NOTE: this can be combined with another vulnerability to overwrite arbitrary files.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Quake 3 client/cl_parse.c 输入验证漏洞
Vulnerability Description
id3 Quake 3 Engine 1.32c和Icculus Quake 3 Engine (ioquake3) 810修订版及更早版本中的client/cl_parse.c,可让远程恶意服务器通过从服务器发送的cvar名称和值字符串覆盖客户机上任意写保护的cvar变量,例如关于自动下载的cl_allowdownload和关于quake3路径的fs_homepath。
CVSS Information
N/A
Vulnerability Type
N/A