|
|
Subscribe / Log in / New account

tremulous: code execution

Package(s):tremulous CVE #(s):CVE-2011-3012
Created:March 8, 2012 Updated:March 14, 2012
Description: From the CVE entry:

The ioQuake3 engine, as used in World of Padman 1.2 and earlier, Tremulous 1.1.0, and ioUrbanTerror 2007-12-20, does not check for dangerous file extensions before writing to the quake3 directory, which allows remote attackers to execute arbitrary code via a crafted third-party addon that creates a Trojan horse DLL file, a different vulnerability than CVE-2011-2764.

Alerts:
Mageia MGASA-2012-0148 tremulous 2012-07-09
Fedora FEDORA-2012-2405 tremulous 2012-03-08
Fedora FEDORA-2012-2419 tremulous 2012-03-08
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds