CVE-2006-3400

Published: Jul 6, 2006Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Stack-based buffer overflow in the CG_ServerCommand function in Quake 3 Engine as used by Soldier of Fortune 2 (SOF2MP) GOLD 1.03 allows remote attackers to cause a denial of service and possibly execute code by sending a long command from the server.

Affected (4)

Products: Id Software: Quake 3 Engine · Raven Software: Soldier Of Fortune 2

1 product

1 product

Soldier Of Fortune 2

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Id Software Quake 3 Engine	Version 1.32b
Id Software Quake 3 Engine	Version 1.32c
Id Software Quake 3 Engine	Version icculus_812
Raven Software Soldier Of Fortune 2	Version 1.03

References (10)

http://secunia.com/advisories/20946

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/18777

Source: cve@mitre.org

Exploit

http://www.vupen.com/english/advisories/2006/2657

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/27614

Source: cve@mitre.org

https://www.exploit-db.com/exploits/1976

Source: cve@mitre.org

http://secunia.com/advisories/20946

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/18777

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.vupen.com/english/advisories/2006/2657

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/27614

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/1976

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.