CVE-2011-1412

N/A Unknown

Published: August 04, 2011 Modified: April 29, 2026

Description

sys/sys_unix.c in the ioQuake3 engine on Unix and Linux, as used in World of Padman 1.5.x before 1.5.1.1 and OpenArena 0.8.x-15 and 0.8.x-16, allows remote game servers to execute arbitrary commands via shell metacharacters in a long fs_game variable.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://archives.neohapsis.com/archives/fulldisclosure/2011-07/0338.html

Source: cve@mitre.org

Exploit

http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063460.html

Source: cve@mitre.org

http://secunia.com/advisories/45417

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/45468

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/8324

Source: cve@mitre.org

http://svn.icculus.org/quake3?view=rev&revision=2097

Source: cve@mitre.org

Patch

http://thilo.tjps.eu/download/patches/ioq3-svn-r2097.diff

Source: cve@mitre.org

Patch

http://worldofpadman.com/website/news/en/article/266/wop-1-5-1-1-hotfix-released-for-linux.html

Source: cve@mitre.org

Patch

http://www.osvdb.org/74137

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/519051/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/48915

Source: cve@mitre.org

https://bugzilla.redhat.com/show_bug.cgi?id=725951

Source: cve@mitre.org

Exploit Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/68869

Source: cve@mitre.org

https://security.gentoo.org/glsa/201706-23

Source: cve@mitre.org

http://archives.neohapsis.com/archives/fulldisclosure/2011-07/0338.html

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063460.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/45417

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/45468

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securityreason.com/securityalert/8324

Source: af854a3a-2127-422b-91ae-364da2661108

http://svn.icculus.org/quake3?view=rev&revision=2097

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://thilo.tjps.eu/download/patches/ioq3-svn-r2097.diff

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://worldofpadman.com/website/news/en/article/266/wop-1-5-1-1-hotfix-released-for-linux.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.osvdb.org/74137

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/519051/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/48915

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=725951

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/68869

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.gentoo.org/glsa/201706-23

Source: af854a3a-2127-422b-91ae-364da2661108

28 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

4.2%

90th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-20

Affected Vendors

worldofpadman linux openarena ioquake3

Related CVEs

CVE-2026-56414 7.2

CVE-2026-55975 7.2

CVE-2026-33560 7.1

CVE-2026-31928 8.1

CVE-2026-28701 9.8