CVE-2005-0983

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2005-0983
Quake 3 engine, as used in multiple games, allows remote attackers to cause a denial of service (client disconnect) via a long message, which is not properly truncated and causes the engine to process the remaining data as if it were network data.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://aluigi.altervista.org/adv/q3msgboom-adv.txt Exploit
http://bani.anime.net/banimod/forums/viewtopic.php?p=27322
http://marc.info/?l=bugtraq&m=111246796918067&w=2
http://secunia.com/advisories/14811
http://www.securityfocus.com/bid/12976
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:activision:call_of_duty:1.4:*:*:*:*:*:*:*
cpe:2.3:a:activision:call_of_duty:1.5b:*:*:*:*:*:*:*
cpe:2.3:a:activision:call_of_duty_united_offensive:1.41:*:*:*:*:*:*:*
cpe:2.3:a:activision:call_of_duty_united_offensive:1.51b:*:*:*:*:*:*:*
cpe:2.3:a:activision:return_to_castle_wolfenstein:1.0:*:*:*:*:*:*:*
cpe:2.3:a:activision:return_to_castle_wolfenstein:1.1:*:*:*:*:*:*:*
cpe:2.3:a:id_software:quake_3_arena:1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:id_software:quake_3_arena:1.16:*:*:*:*:*:*:*
cpe:2.3:a:id_software:quake_3_arena:1.31:*:*:*:*:*:*:*
cpe:2.3:a:id_software:quake_3_arena_server:1.29f:*:*:*:*:*:*:*
cpe:2.3:a:id_software:quake_3_arena_server:1.29g:*:*:*:*:*:*:*
cpe:2.3:a:id_software:quake_3_engine:*:*:*:*:*:*:*:*
cpe:2.3:a:id_software:wolfenstein_enemy_territory:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:id_software:wolfenstein_enemy_territory:2.56:*:*:*:*:*:*:*
cpe:2.3:a:lucasarts:star_wars_jedi_knight_ii_jedi_outcast:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:lucasarts:star_wars_jedi_knight_jedi_academy:1.0.11:*:*:*:*:*:*:*
cpe:2.3:a:raven_software:soldier_of_fortune_2:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:raven_software:soldier_of_fortune_2:1.0.3:*:*:*:*:*:*:*
History

No history.

Information

Published : 2005-05-02 04:00

Updated : 2016-10-18 03:16

NVD link : CVE-2005-0983

Mitre link : CVE-2005-0983

CVE.ORG link : CVE-2005-0983

JSON object : View

Products Affected

lucasarts

  • star_wars_jedi_knight_ii_jedi_outcast
  • star_wars_jedi_knight_jedi_academy

id_software

  • quake_3_arena
  • quake_3_engine
  • wolfenstein_enemy_territory
  • quake_3_arena_server

raven_software

  • soldier_of_fortune_2

activision

  • call_of_duty_united_offensive
  • call_of_duty
  • return_to_castle_wolfenstein
CWE
NVD-CWE-Other