Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0983

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-0983
Last Modified 05 Sep 2008 04:47:52
Published 02 May 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0983

Summary

Quake 3 engine, as used in multiple games, allows remote attackers to cause a denial of service (client disconnect) via a long message, which is not properly truncated and causes the engine to process the remaining data as if it were network data.

Vulnerable Systems

Application

  • Activision Call Of Duty 1.4

  • Activision Call Of Duty 1.5b

  • Activision Call Of Duty United Offensive 1.41

  • Activision Call Of Duty United Offensive 1.51b

  • Activision Return To Castle Wolfenstein 1.0

  • Activision Return To Castle Wolfenstein 1.1

  • Id Software Quake 3 Arena 1.1.7

  • Id Software Quake 3 Arena 1.16

  • Id Software Quake 3 Arena 1.31

  • Id Software Quake 3 Arena Server 1.29f

  • Id Software Quake 3 Arena Server 1.29g

  • Id Software Quake 3 Engine

  • Id Software Wolfenstein Enemy Territory 1.0.2

  • Id Software Wolfenstein Enemy Territory 2.56

  • Lucasarts Star Wars Jedi Knight Ii Jedi Outcast 1.0.4

  • Lucasarts Star Wars Jedi Knight Jedi Academy 1.0.11

  • Raven Software Soldier Of Fortune 2 1.0.2

  • Raven Software Soldier Of Fortune 2 1.0.3


References

BID - 12976

SECUNIA - 14811

BUGTRAQ - 20050402 In-game players kicking in the Quake 3 engine

MISC - http://bani.anime.net/banimod/forums/viewtopic.php?p=27322

MISC - http://aluigi.altervista.org/adv/q3msgboom-adv.txt


Last Updated: 27 May 2016 10:40:00