CVE-2017-6903 log
Source |
|
Severity | Critical |
Remote | Yes |
Type | Arbitrary code execution |
Description | The current version of ioquake3 (and its forks) receive arbitrary files from server and load them in the context of the ioq3 client. If a malicious attacker ships an arbitrary .so/openAL driver file, it will be loaded by the client process, resulting in arbitrary code execution |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-227 | urbanterror | 2:4.3.2-2 | Critical | Unknown |