Описание
Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (application crash) via a modified client that asks the server to send data stored at a negative array offset, which is not handled when processing Configstrings and Baselines.
Ссылки
- ExploitVendor Advisory
- Vendor Advisory
- Exploit
- ExploitVendor Advisory
- Vendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:id_software:quake_ii_server:3.20:*:*:*:*:*:*:*
cpe:2.3:a:id_software:quake_ii_server:3.21:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.04335
Низкий
5 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
debian
больше 20 лет назад
Quake II server before R1Q2, as used in multiple products, allows remo ...
github
больше 3 лет назад
Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (application crash) via a modified client that asks the server to send data stored at a negative array offset, which is not handled when processing Configstrings and Baselines.
EPSS
Процентиль: 88%
0.04335
Низкий
5 Medium
CVSS2
Дефекты
CWE-20