Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2005-0983

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-05 Apr, 2005 | 04:00
Updated At-07 Aug, 2024 | 21:35
Rejected At-
Credits

Quake 3 engine, as used in multiple games, allows remote attackers to cause a denial of service (client disconnect) via a long message, which is not properly truncated and causes the engine to process the remaining data as if it were network data.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:05 Apr, 2005 | 04:00
Updated At:07 Aug, 2024 | 21:35
Rejected At:
▼CVE Numbering Authority (CNA)

Quake 3 engine, as used in multiple games, allows remote attackers to cause a denial of service (client disconnect) via a long message, which is not properly truncated and causes the engine to process the remaining data as if it were network data.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/14811
third-party-advisory
x_refsource_SECUNIA
http://aluigi.altervista.org/adv/q3msgboom-adv.txt
x_refsource_MISC
http://www.securityfocus.com/bid/12976
vdb-entry
x_refsource_BID
http://marc.info/?l=bugtraq&m=111246796918067&w=2
mailing-list
x_refsource_BUGTRAQ
http://bani.anime.net/banimod/forums/viewtopic.php?p=27322
x_refsource_MISC
Hyperlink: http://secunia.com/advisories/14811
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://aluigi.altervista.org/adv/q3msgboom-adv.txt
Resource:
x_refsource_MISC
Hyperlink: http://www.securityfocus.com/bid/12976
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://marc.info/?l=bugtraq&m=111246796918067&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://bani.anime.net/banimod/forums/viewtopic.php?p=27322
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/14811
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://aluigi.altervista.org/adv/q3msgboom-adv.txt
x_refsource_MISC
x_transferred
http://www.securityfocus.com/bid/12976
vdb-entry
x_refsource_BID
x_transferred
http://marc.info/?l=bugtraq&m=111246796918067&w=2
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://bani.anime.net/banimod/forums/viewtopic.php?p=27322
x_refsource_MISC
x_transferred
Hyperlink: http://secunia.com/advisories/14811
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://aluigi.altervista.org/adv/q3msgboom-adv.txt
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.securityfocus.com/bid/12976
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=111246796918067&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://bani.anime.net/banimod/forums/viewtopic.php?p=27322
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:02 May, 2005 | 04:00
Updated At:03 Apr, 2025 | 01:03

Quake 3 engine, as used in multiple games, allows remote attackers to cause a denial of service (client disconnect) via a long message, which is not properly truncated and causes the engine to process the remaining data as if it were network data.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
activision
activision
>>call_of_duty>>1.4
cpe:2.3:a:activision:call_of_duty:1.4:*:*:*:*:*:*:*
activision
activision
>>call_of_duty>>1.5b
cpe:2.3:a:activision:call_of_duty:1.5b:*:*:*:*:*:*:*
activision
activision
>>call_of_duty_united_offensive>>1.41
cpe:2.3:a:activision:call_of_duty_united_offensive:1.41:*:*:*:*:*:*:*
activision
activision
>>call_of_duty_united_offensive>>1.51b
cpe:2.3:a:activision:call_of_duty_united_offensive:1.51b:*:*:*:*:*:*:*
activision
activision
>>return_to_castle_wolfenstein>>1.0
cpe:2.3:a:activision:return_to_castle_wolfenstein:1.0:*:*:*:*:*:*:*
activision
activision
>>return_to_castle_wolfenstein>>1.1
cpe:2.3:a:activision:return_to_castle_wolfenstein:1.1:*:*:*:*:*:*:*
id_software
id_software
>>quake_3_arena>>1.1.7
cpe:2.3:a:id_software:quake_3_arena:1.1.7:*:*:*:*:*:*:*
id_software
id_software
>>quake_3_arena>>1.16
cpe:2.3:a:id_software:quake_3_arena:1.16:*:*:*:*:*:*:*
id_software
id_software
>>quake_3_arena>>1.31
cpe:2.3:a:id_software:quake_3_arena:1.31:*:*:*:*:*:*:*
id_software
id_software
>>quake_3_arena_server>>1.29f
cpe:2.3:a:id_software:quake_3_arena_server:1.29f:*:*:*:*:*:*:*
id_software
id_software
>>quake_3_arena_server>>1.29g
cpe:2.3:a:id_software:quake_3_arena_server:1.29g:*:*:*:*:*:*:*
id_software
id_software
>>quake_3_engine>>*
cpe:2.3:a:id_software:quake_3_engine:*:*:*:*:*:*:*:*
id_software
id_software
>>wolfenstein_enemy_territory>>1.0.2
cpe:2.3:a:id_software:wolfenstein_enemy_territory:1.0.2:*:*:*:*:*:*:*
id_software
id_software
>>wolfenstein_enemy_territory>>2.56
cpe:2.3:a:id_software:wolfenstein_enemy_territory:2.56:*:*:*:*:*:*:*
lucasarts
lucasarts
>>star_wars_jedi_knight_ii_jedi_outcast>>1.0.4
cpe:2.3:a:lucasarts:star_wars_jedi_knight_ii_jedi_outcast:1.0.4:*:*:*:*:*:*:*
lucasarts
lucasarts
>>star_wars_jedi_knight_jedi_academy>>1.0.11
cpe:2.3:a:lucasarts:star_wars_jedi_knight_jedi_academy:1.0.11:*:*:*:*:*:*:*
raven_software
raven_software
>>soldier_of_fortune_2>>1.0.2
cpe:2.3:a:raven_software:soldier_of_fortune_2:1.0.2:*:*:*:*:*:*:*
raven_software
raven_software
>>soldier_of_fortune_2>>1.0.3
cpe:2.3:a:raven_software:soldier_of_fortune_2:1.0.3:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://aluigi.altervista.org/adv/q3msgboom-adv.txtcve@mitre.org
Exploit
http://bani.anime.net/banimod/forums/viewtopic.php?p=27322cve@mitre.org
N/A
http://marc.info/?l=bugtraq&m=111246796918067&w=2cve@mitre.org
N/A
http://secunia.com/advisories/14811cve@mitre.org
N/A
http://www.securityfocus.com/bid/12976cve@mitre.org
N/A
http://aluigi.altervista.org/adv/q3msgboom-adv.txtaf854a3a-2127-422b-91ae-364da2661108
Exploit
http://bani.anime.net/banimod/forums/viewtopic.php?p=27322af854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=111246796918067&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/14811af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/12976af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://aluigi.altervista.org/adv/q3msgboom-adv.txt
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://bani.anime.net/banimod/forums/viewtopic.php?p=27322
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=111246796918067&w=2
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/14811
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/12976
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://aluigi.altervista.org/adv/q3msgboom-adv.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://bani.anime.net/banimod/forums/viewtopic.php?p=27322
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=111246796918067&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/14811
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/12976
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

14Records found
CVE-1999-1569
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.32% / 79.03%
||
7 Day CHG~0.00%
Published-31 Aug, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Quake 1 and NetQuake servers allow remote attackers to cause a denial of service (resource exhaustion or forced disconnection) via a flood of spoofed UDP connection packets, which exceeds the server's player limit.

Action-Not Available
Vendor-id_softwaren/a
Product-quaken/a
CVE-2004-1194
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-4.66% / 88.88%
||
7 Day CHG~0.00%
Published-15 Dec, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Star Wars Battlefront 1.11 and earlier allows remote attackers to cause a denial of service (application crash) via a long nickname.

Action-Not Available
Vendor-lucasartsn/a
Product-star_wars_battlefrontn/a
CVE-2005-2115
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.76% / 72.42%
||
7 Day CHG~0.00%
Published-01 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Soldier of Fortune II 1.02x and 1.03 allows remote attackers to cause a denial of service (server crash) via a large ID value in the ignore command, which is used as an array index and causes an out-of-bounds operation.

Action-Not Available
Vendor-raven_softwaren/a
Product-soldier_of_fortune_2n/a
CVE-2004-1664
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-5.74% / 90.10%
||
7 Day CHG~0.00%
Published-20 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Call of Duty 1.4 and earlier allows remote attackers to cause a denial of service (game end) via a large (1) query or (2) reply packet, which is not properly handled by the buffer overflow protection mechanism. NOTE: this issue might overlap CVE-2005-0430.

Action-Not Available
Vendor-activisionn/a
Product-call_of_dutycall_of_duty_united_offensiven/a
CVE-2005-0568
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-5.49% / 89.84%
||
7 Day CHG~0.00%
Published-27 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Soldier of Fortune II 1.03 gold allows remote attackers to cause a denial of service (application crash) via a large cl_guid value, which results in an invalid pointer dereference.

Action-Not Available
Vendor-raven_softwaren/a
Product-soldier_of_fortune_2n/a
CVE-2005-0430
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.57% / 80.78%
||
7 Day CHG~0.00%
Published-16 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Quake 3 engine, as used in multiple game packages, allows remote attackers to cause a denial of service (shutdown game server) and possibly crash the server via a long infostring, possibly triggering a buffer overflow.

Action-Not Available
Vendor-id_softwaren/a
Product-quake_3_enginen/a
CVE-2004-2595
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.56% / 80.74%
||
7 Day CHG~0.00%
Published-29 Nov, 2005 | 02:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Absolute path traversal vulnerability in Quake II server before R1Q2 on Linux, as used in multiple products, allows remote attackers to cause a denial of service (application crash) via a download command with a full pathname for a directory in the argument, which causes the server to crash when it cannot read data.

Action-Not Available
Vendor-id_softwaren/a
Product-quake_ii_server_linuxn/a
CVE-2004-2592
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-4.33% / 88.47%
||
7 Day CHG~0.00%
Published-29 Nov, 2005 | 02:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (application crash) via a modified client that asks the server to send data stored at a negative array offset, which is not handled when processing Configstrings and Baselines.

Action-Not Available
Vendor-id_softwaren/a
Product-quake_ii_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2004-1195
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-4.72% / 88.97%
||
7 Day CHG~0.00%
Published-15 Dec, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Star Wars Battlefront 1.11 and earlier allows remote attackers to cause a denial of service (application crash) via a join request that contains a memory address that causes the server to read arbitrary memory.

Action-Not Available
Vendor-lucasartsn/a
Product-star_wars_battlefrontn/a
CVE-2001-1289
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.22% / 78.27%
||
7 Day CHG~0.00%
Published-03 May, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Quake 3 arena 1.29f and 1.29g allows remote attackers to cause a denial of service (crash) via a malformed connection packet that begins with several char-255 characters.

Action-Not Available
Vendor-id_softwaren/a
Product-quake_3_arenan/a
CVE-2000-1080
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.76% / 72.42%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Quake 1 (quake1) and ProQuake 1.01 and earlier allow remote attackers to cause a denial of service via a malformed (empty) UDP packet.

Action-Not Available
Vendor-id_softwarej._p._grossmann/a
Product-quakeproquaken/a
CVE-1999-1230
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.05%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Quake 2 server allows remote attackers to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself.

Action-Not Available
Vendor-id_softwaren/a
Product-quake_2n/a
CVE-2004-2596
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.27% / 78.68%
||
7 Day CHG~0.00%
Published-29 Nov, 2005 | 02:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (exhaustion of connection slots) via a large number of connections from the same IP address.

Action-Not Available
Vendor-id_softwaren/a
Product-quake_ii_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2004-1542
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-5.94% / 90.28%
||
7 Day CHG~0.00%
Published-19 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Soldier of Fortune II 1.03 Gold and earlier allows remote attackers to cause a denial of service (server or client crash) via a long (1) query or (2) reply.

Action-Not Available
Vendor-raven_softwaren/a
Product-soldier_of_fortunen/a
Details not found