A flaw was found in the way Red Eclipse handled config files. In cube2-engine games, game maps can be transmitted either from the server to a client, or from client to client. These maps include a config file (mapname.cfg) in "cubescript" format, which allows for an attacker to send a malicious script via a new map. This map must either be chosen by an administrator on the server, or created in co-operative editing mode. A malicious script could then be used to read or write to any files that the user running the client has access to when the victim loads a map with the malicious configuration file. This has been corrected upstream: https://sourceforge.net/apps/trac/redeclipse/changeset/3764
Created redeclipse tracking bugs for this issue
Affects: fedora-17 [bug 846372]
redeclipse-1.2-12.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.