header-logo
Suggest Exploit
vendor:
id Tech 4 Engine
by:
7.5
CVSS
HIGH
Remote Code Execution
CWE
Product Name: id Tech 4 Engine
Affected Version From: Enemy Territory: Quake Wars 1.5.12642.33243 and priorWolfenstein 1.3.344272 and priorQuake 4 1.4.2 and priorDoom 3 1.3.1 and priorPrey 1.4 and prior
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Windows, Linux, Mac

id Tech 4 Engine Remote Code Execution Vulnerability

The id Tech 4 Engine is vulnerable to a remote code execution vulnerability. An attacker can exploit this vulnerability to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

Mitigation:

No official patch or mitigation is available for this vulnerability.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/41001/info

id Tech 4 Engine is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

The following applications include the vulnerable engine:

Enemy Territory: Quake Wars 1.5.12642.33243 and prior
Wolfenstein 1.3.344272 and prior
Quake 4 1.4.2 and prior
Doom 3 1.3.1 and prior
Prey 1.4 and prior 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/34178.zip