CVE-2011-3012 - OpenCVE

The ioQuake3 engine, as used in World of Padman 1.2 and earlier, Tremulous 1.1.0, and ioUrbanTerror 2007-12-20, does not check for dangerous file extensions before writing to the quake3 directory, which allows remote attackers to execute arbitrary code via a crafted third-party addon that creates a Trojan horse DLL file, a different vulnerability than CVE-2011-2764.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ioquake3	Ioquake3 Engine
Tremulous	Tremulous
Urbanterror	Iourbanterror
Worldofpadman	World Of Padman

Configuration 1 [-]

OR	cpe:2.3:a:ioquake3:ioquake3_engine::::::::
	cpe:2.3:a:tremulous:tremulous:1.1.0:::::::*
	cpe:2.3:a:urbanterror:iourbanterror:2007-12-20:::::::*
	cpe:2.3:a:worldofpadman:world_of_padman::::::::

No data.

References

Link	Providers
http://archives.neohapsis.com/archives/fulldisclosure/2011-07/0338.html
http://securityreason.com/securityalert/8324
http://www.securityfocus.com/archive/1/519051/100/0/threaded
http://www.securityfocus.com/bid/48915
https://bugzilla.redhat.com/show_bug.cgi?id=725951
https://exchange.xforce.ibmcloud.com/vulnerabilities/68870
https://exchange.xforce.ibmcloud.com/vulnerabilities/69164
https://security.gentoo.org/glsa/201706-23

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-08-09T20:00:00

Updated: 2024-08-06T23:22:26.678Z

Reserved: 2011-08-09T00:00:00

Link: CVE-2011-3012

Vulnrichment

No data.

NVD

Status : Modified

Published: 2011-08-09T20:55:00.747

Modified: 2018-10-09T19:33:09.277

Link: CVE-2011-3012

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-07-28T00:00:00", "descriptions": [{"lang": "en", "value": "The ioQuake3 engine, as used in World of Padman 1.2 and earlier, Tremulous 1.1.0, and ioUrbanTerror 2007-12-20, does not check for dangerous file extensions before writing to the quake3 directory, which allows remote attackers to execute arbitrary code via a crafted third-party addon that creates a Trojan horse DLL file, a different vulnerability than CVE-2011-2764."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20110728 Two security issues fixed in ioQuake3 engine", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-07/0338.html"}, {"name": "ioquake-gamecode-code-execution(68870)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68870"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725951"}, {"name": "ioquake-file-extensions-code-execution(69164)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69164"}, {"name": "48915", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/48915"}, {"name": "20110728 Two security issues fixed in ioQuake3 engine", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/519051/100/0/threaded"}, {"name": "8324", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/8324"}, {"name": "GLSA-201706-23", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201706-23"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-3012", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ioQuake3 engine, as used in World of Padman 1.2 and earlier, Tremulous 1.1.0, and ioUrbanTerror 2007-12-20, does not check for dangerous file extensions before writing to the quake3 directory, which allows remote attackers to execute arbitrary code via a crafted third-party addon that creates a Trojan horse DLL file, a different vulnerability than CVE-2011-2764."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20110728 Two security issues fixed in ioQuake3 engine", "refsource": "FULLDISC", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-07/0338.html"}, {"name": "ioquake-gamecode-code-execution(68870)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68870"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=725951", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725951"}, {"name": "ioquake-file-extensions-code-execution(69164)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69164"}, {"name": "48915", "refsource": "BID", "url": "http://www.securityfocus.com/bid/48915"}, {"name": "20110728 Two security issues fixed in ioQuake3 engine", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/519051/100/0/threaded"}, {"name": "8324", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/8324"}, {"name": "GLSA-201706-23", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201706-23"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T23:22:26.678Z"}, "title": "CVE Program Container", "references": [{"name": "20110728 Two security issues fixed in ioQuake3 engine", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-07/0338.html"}, {"name": "ioquake-gamecode-code-execution(68870)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68870"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725951"}, {"name": "ioquake-file-extensions-code-execution(69164)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69164"}, {"name": "48915", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/48915"}, {"name": "20110728 Two security issues fixed in ioQuake3 engine", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/519051/100/0/threaded"}, {"name": "8324", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/8324"}, {"name": "GLSA-201706-23", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201706-23"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-3012", "datePublished": "2011-08-09T20:00:00", "dateReserved": "2011-08-09T00:00:00", "dateUpdated": "2024-08-06T23:22:26.678Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ioquake3:ioquake3_engine:*:*:*:*:*:*:*:*", "matchCriteriaId": "14B7EA4D-BA81-4637-BA3F-E899DD6F4FED", "vulnerable": true}, {"criteria": "cpe:2.3:a:tremulous:tremulous:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "61DF558A-FABC-4462-B767-97B7C3CC83F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:urbanterror:iourbanterror:2007-12-20:*:*:*:*:*:*:*", "matchCriteriaId": "2C71DD15-E034-4BC0-8D70-042E399A25A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:worldofpadman:world_of_padman:*:*:*:*:*:*:*:*", "matchCriteriaId": "C808A499-779C-4837-8CB8-75222DF4BE82", "versionEndIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The ioQuake3 engine, as used in World of Padman 1.2 and earlier, Tremulous 1.1.0, and ioUrbanTerror 2007-12-20, does not check for dangerous file extensions before writing to the quake3 directory, which allows remote attackers to execute arbitrary code via a crafted third-party addon that creates a Trojan horse DLL file, a different vulnerability than CVE-2011-2764."}, {"lang": "es", "value": "El motor ioQuake3, tal como se usa en World of Padman 1.2 y versiones anteriores, Tremulous 1.1.0 y ioUrbanTerror 2007-12-20, no comprueba las extensiones de ficheros maliciosas antes de copiarlos al directorio quake3, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de complementos de terceras partes modificados que crean un archivo DLL troyanizado. Una vulnerabilidad distinta a la del CVE-2011-2764."}], "id": "CVE-2011-3012", "lastModified": "2018-10-09T19:33:09.277", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-08-09T20:55:00.747", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-07/0338.html"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/8324"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/519051/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/48915"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725951"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68870"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69164"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201706-23"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}