CVE-2017-11721

Buffer overflow in ioquake3 before 2017-08-02 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted packet.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 86%
VendorProductVersion
ioquake3ioquake3
𝑥
≤ 2017-07-31
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ioquake3
bullseye
1.36+u20201117.d1b7ab6~dfsg-1
fixed
bookworm
1.36+u20221123.70d07d9+dfsg-1
fixed
trixie
1.36+u20240727.4c19ff2+dfsg-1
fixed
sid
1.36+u20241011.cc18246+dfsg-1
fixed
iortcw
bullseye/contrib
1.51.c+dfsg1-3
fixed
bookworm/contrib
1.51.c+dfsg1-4
fixed
sid/contrib
1.51.c+dfsg1-7
fixed
trixie/contrib
1.51.c+dfsg1-7
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ioquake3
noble
not-affected
mantic
not-affected
lunar
not-affected
kinetic
not-affected
jammy
not-affected
impish
not-affected
hirsute
not-affected
groovy
not-affected
focal
not-affected
eoan
not-affected
disco
not-affected
cosmic
not-affected
bionic
not-affected
artful
not-affected
zesty
ignored
xenial
needed
trusty
dne
iortcw
noble
not-affected
mantic
not-affected
lunar
not-affected
kinetic
not-affected
jammy
not-affected
impish
not-affected
hirsute
not-affected
groovy
not-affected
focal
not-affected
eoan
not-affected
disco
not-affected
cosmic
not-affected
bionic
not-affected
artful
not-affected
zesty
Fixed 1.50a+dfsg1-3+deb9u1build0.17.04.1
released
xenial
dne
trusty
dne
Common Weakness Enumeration
References
http://www.debian.org/security/2017/dsa-3941
http://www.debian.org/security/2017/dsa-3948
https://github.com/ioquake/ioq3/commit/d2b1d124d4055c2fcbe5126863487c52fd58cca1
http://www.debian.org/security/2017/dsa-3941
http://www.debian.org/security/2017/dsa-3948
https://github.com/ioquake/ioq3/commit/d2b1d124d4055c2fcbe5126863487c52fd58cca1