CVE-2011-2764

Name: CVE-2011-2764
Description: The FS_CheckFilenameIsNotExecutable function in qcommon/files.c in the ioQuake3 engine 1.36 and earlier, as used in World of Padman, Smokin' Guns, OpenArena, Tremulous, and ioUrbanTerror, does not properly determine dangerous file extensions, which allows remote attackers to execute arbitrary code via a crafted third-party addon that creates a Trojan horse DLL file.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severity: high
Debian Bugs: 660836

Vulnerable and fixed packages

The table below lists information on source packages.

| Source Package | Release | Version | Status |
|---|---|---|---|
| ioquake3 (PTS) | stretch (security), stretch | 1.36+u20161101+dfsg1-2+deb9u1 | fixed |
| | buster | 1.36+u20181222.e5da13f~dfsg-2 | fixed |
| | bullseye, sid | 1.36+u20200930.e7a7a2b~dfsg-1 | fixed |
| openarena (PTS) | stretch | 0.8.8-17 | fixed |
| | buster | 0.8.8+dfsg-2 | fixed |
| | bullseye, sid | 0.8.8+dfsg-4 | fixed |

The information below is based on the following data on fixed versions.

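| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| ioquake3 | source | (unstable) | 1.36+svn1946-4 | | | |
| openarena | source | squeeze | 0.8.5-5+squeeze1 | | | |
| openarena | source | (unstable) | 0.8.5-5+exp1 | | | |
| tremulous | source | squeeze | 1.1.0-7~squeeze1 | | | |
| tremulous | source | (unstable) | 1.1.0-6 | | | 660836 |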

Notes

Current openarena packages use the shared ioquake3 engine.
