CVE-2011-2764

NameCVE-2011-2764
DescriptionThe FS_CheckFilenameIsNotExecutable function in qcommon/files.c in the ioQuake3 engine 1.36 and earlier, as used in World of Padman, Smokin' Guns, OpenArena, Tremulous, and ioUrbanTerror, does not properly determine dangerous file extensions, which allows remote attackers to execute arbitrary code via a crafted third-party addon that creates a Trojan horse DLL file.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
NVD severityhigh (attack range: remote)
Debian Bugs660836
Debian/oldstablenot vulnerable.
Debian/stablenot vulnerable.
Debian/testingnot vulnerable.
Debian/unstablenot vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
ioquake3 (PTS)wheezy1.36+svn2287-1fixed
jessie, sid1.36+u20140802+gca9eebb-2fixed
openarena (PTS)squeeze (security), squeeze0.8.5-5+squeeze3fixed
wheezy0.8.8-5+deb7u2fixed
jessie, sid0.8.8-9fixed
tremulous (PTS)squeeze/contrib1.1.0-8~squeeze1fixed

The information above is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
ioquake3source(unstable)1.36+svn1946-4high
openarenasource(unstable)0.8.5-5+exp1high
openarenasourcesqueeze0.8.5-5+squeeze1high
tremuloussource(unstable)1.1.0-6high660836
tremuloussourcesqueeze1.1.0-7~squeeze1high

Notes

Current openarena packages use the share ioquake3 engine

Search for package or bug name: Reporting problems