CVE-2003-0650

critical

Description

Directory traversal vulnerability in GSAPAK.EXE for GameSpy Arcade, possibly versions before 1.3e, allows remote attackers to overwrite arbitrary files and execute arbitrary code via .. (dot dot) sequences in filenames in a .APK (Zip) file.

References

http://www.gamespyarcade.com/features/versions.shtml

http://marc.info/?l=bugtraq&m=105958779017085&w=2

http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0064.html

Details

Source: Mitre, NVD

Published: 2003-08-27

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.02919