Vulnerability Details : CVE-2006-3400
Stack-based buffer overflow in the CG_ServerCommand function in Quake 3 Engine as used by Soldier of Fortune 2 (SOF2MP) GOLD 1.03 allows remote attackers to cause a denial of service and possibly execute code by sending a long command from the server.
Vulnerability category: OverflowExecute codeDenial of service
Products affected by CVE-2006-3400
- cpe:2.3:a:id_software:quake_3_engine:1.32b:*:*:*:*:*:*:*
- cpe:2.3:a:id_software:quake_3_engine:1.32c:*:*:*:*:*:*:*
- cpe:2.3:a:id_software:quake_3_engine:icculus_812:*:*:*:*:*:*:*
- cpe:2.3:a:raven_software:soldier_of_fortune_2:1.03:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-3400
4.50%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 92 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-3400
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2006-3400
Jump to