CVE-2011-1412

sys/sys_unix.c in the ioQuake3 engine on Unix and Linux, as used in World of Padman 1.5.x before 1.5.1.1 and OpenArena 0.8.x-15 and 0.8.x-16, allows remote game servers to execute arbitrary commands via shell metacharacters in a long fs_game variable.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:ioquake3:ioquake3_engine:*:*:*:*:*:*:*:*
cpe:2.3:a:worldofpadman:world_of_padman:1.5:*:*:*:*:*:*:*
cpe:2.3:a:openarena:openarena:0.8.x-15:*:*:*:*:*:*:*
cpe:2.3:a:openarena:openarena:0.8.x-16:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Information

Published : 2011-08-03 19:45

Updated : 2018-10-09 12:30


NVD link : CVE-2011-1412

Mitre link : CVE-2011-1412


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

ioquake3

  • ioquake3_engine

openarena

  • openarena

linux

  • linux_kernel

worldofpadman

  • world_of_padman