id Software Doom 3 Engine Console String Visualization Format String Vulnerability

Bugtraq ID:	25893
Class:	Input Validation Error
CVE:	CVE-2007-5248
Remote:	Yes
Local:	No
Published:	Oct 02 2007 12:00AM
Updated:	May 07 2015 05:35PM
Credit:	Luigi Auriemma is credited with the discovery of this vulnerability.
Vulnerable:	id Software Quake 4 1.4.2 id Software Prey 1.3 id Software Doom 3 1.3.1 id Software Doom 3.0
Not Vulnerable:

id Software Doom 3 Engine Console String Visualization Format String Vulnerability

id Software Doom 3 engine is prone to a format-string vulnerability.

Exploiting this issue will allow attackers to execute arbitrary code with the permissions of a user running the application. Failed attacks will likely cause denial-of-service conditions.

Several games that use the Doom 3 engine are affected, including Doom 3, Quake 4, and Prey.

id Software Doom 3 Engine Console String Visualization Format String Vulnerability

The following example exploit code is available:

• /data/vulnerabilities/exploits/25893-d3engfspb.c

id Software Doom 3 Engine Console String Visualization Format String Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

id Software Doom 3 Engine Console String Visualization Format String Vulnerability

References:

• id Software Home Page (id Software)
  
• PunkBuster Homepage (Even Balance)
  
• Format string in the Doom 3 engine through PB (Luigi Auriemma)