vulnerability

FreeBSD: VID-e48355d7-1548-11e7-8611-0090f5f2f347 (CVE-2017-6903): id Tech 3 -- remote code execution vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:M/Au:N/C:C/I:C/A:C)	Apr 7, 2017	Apr 10, 2017	Dec 10, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

Apr 7, 2017

Added

Apr 10, 2017

Modified

Dec 10, 2025

Description

The content auto-download of id Tech 3 can be used to deliver maliciously crafted content, that triggers downloading of further content and loading and executing it as native code with user credentials. This affects ioquake3, ioUrbanTerror, OpenArena, the original Quake 3 Arena and other forks.

Solutions

freebsd-upgrade-package-ioquake3freebsd-upgrade-package-ioquake3-develfreebsd-upgrade-package-iourbanterrorfreebsd-upgrade-package-openarena

References

CVE-2017-6903
https://attackerkb.com/topics/CVE-2017-6903

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today