Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2011-3012
Deferred
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-09 Aug, 2011 | 20:55
Updated At-11 Apr, 2025 | 00:51

The ioQuake3 engine, as used in World of Padman 1.2 and earlier, Tremulous 1.1.0, and ioUrbanTerror 2007-12-20, does not check for dangerous file extensions before writing to the quake3 directory, which allows remote attackers to execute arbitrary code via a crafted third-party addon that creates a Trojan horse DLL file, a different vulnerability than CVE-2011-2764.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
ioquake3
ioquake3
>>ioquake3_engine>>*
cpe:2.3:a:ioquake3:ioquake3_engine:*:*:*:*:*:*:*:*
tremulous
tremulous
>>tremulous>>1.1.0
cpe:2.3:a:tremulous:tremulous:1.1.0:*:*:*:*:*:*:*
urbanterror
urbanterror
>>iourbanterror>>2007-12-20
cpe:2.3:a:urbanterror:iourbanterror:2007-12-20:*:*:*:*:*:*:*
worldofpadman
worldofpadman
>>world_of_padman>>Versions up to 1.2(inclusive)
cpe:2.3:a:worldofpadman:world_of_padman:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://archives.neohapsis.com/archives/fulldisclosure/2011-07/0338.htmlcve@mitre.org
Exploit
http://securityreason.com/securityalert/8324cve@mitre.org
N/A
http://www.securityfocus.com/archive/1/519051/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/48915cve@mitre.org
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=725951cve@mitre.org
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/68870cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/69164cve@mitre.org
N/A
https://security.gentoo.org/glsa/201706-23cve@mitre.org
N/A
http://archives.neohapsis.com/archives/fulldisclosure/2011-07/0338.htmlaf854a3a-2127-422b-91ae-364da2661108
Exploit
http://securityreason.com/securityalert/8324af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/519051/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/48915af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=725951af854a3a-2127-422b-91ae-364da2661108
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/68870af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/69164af854a3a-2127-422b-91ae-364da2661108
N/A
https://security.gentoo.org/glsa/201706-23af854a3a-2127-422b-91ae-364da2661108
N/A
Change History
0Changes found
Details not found