← Back

Prey

prey

Vendor: Take2games • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2007-5248
2Id Software
Take2games
3Doom 3
PreyQuake 4
Apr 23, 2026
Oct 6, 2007
N/A· v4
N/A· v3
9.3 HIGH· v2
Multiple format string vulnerabilities in the ID Software Doom 3 engine, as used by Doom 3 1.3.1 and earlier, Quake 4 1.4.2 and earlier, and Prey 1.3 and earlier, when Punkbuster (PB) is enabled, allow remote attackers t...Show more
Multiple format string vulnerabilities in the ID Software Doom 3 engine, as used by Doom 3 1.3.1 and earlier, Quake 4 1.4.2 and earlier, and Prey 1.3 and earlier, when Punkbuster (PB) is enabled, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in (1) a PB_Y packet to the YPG server or (2) a PB_U packet to UCON. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain.Show less