VDB
CVE-2012-3345
CVE-2012-3345
PUBLISHED
CVSS 5.599999904632568 MEDIUM
ioquake3 before r2253 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ioq3.pid temporary file.
EPSS 0.02% · 7.1th percentile
Risk Scores
CVSS 2.0
5.599999904632568
EPSS Score
0.02%
7.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ioquake3 | ioquake3_engine | 0 |
| n/a | n/a | n/a |
Timeline
- Jun 15, 2012 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- [oss-security] 20120614 CVE-2012-3345: symlink attack in ioquake3 >= r1773, < r2253 mailing-list
- GLSA-201706-23 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2012-3345 advisory