本ページは id_software quake_ii_server に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2004-2597 | Quake II server before R1Q2, as used in multiple products, allows remote attackers to bypass IP-based access control rules via a userinfo string that already contains an "ip" key/value pair but is also long enough to cause a new key/value pair to be truncated, which interferes with the server's ability to find the client's IP address. | [email protected] | 5.0 | 0.47% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2596 | Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (exhaustion of connection slots) via a large number of connections from the same IP address. | [email protected] | 5.0 | 1.27% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2593 | Buffer overflow in command-packet processing of Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a packet with a long cmd_args buffer. | [email protected] | 7.5 | 3.78% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2592 | Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (application crash) via a modified client that asks the server to send data stored at a negative array offset, which is not handled when processing Configstrings and Baselines. | [email protected] | 5.0 | 4.67% | 2004-12-31 | 2026-04-16 |