All the vulnerabilites related to epic_games - unreal_engine
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining the game multiple times.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| epic_games | unreal_engine | 226f | |
| epic_games | unreal_engine | 433 | |
| epic_games | unreal_engine | 436 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:226f:*:*:*:*:*:*:*",
"matchCriteriaId": "A99F5526-E641-464B-83A3-A9AF27AC287D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:433:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC39AE7-3145-4095-A471-C1668CAB8F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:436:*:*:*:*:*:*:*",
"matchCriteriaId": "93D14650-A8AC-4CBB-9968-0EF215623DE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining the game multiple times."
}
],
"id": "CVE-2003-1433",
"lastModified": "2024-11-20T23:47:08.360",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.pivx.com/luigi/adv/ueng-adv.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6771"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11304"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.pivx.com/luigi/adv/ueng-adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6771"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11304"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-08-21 00:17
Modified
2024-11-21 00:35
Severity ?
Summary
Stack-based buffer overflow in the logging function in the Unreal engine, possibly 2003 and 2004, as used in the internal web server, allows remote attackers to cause a denial of service (application crash) via a request for a long .gif filename in the images/ directory, related to conversion from Unicode to ASCII.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| epic_games | unreal_engine | 2003 | |
| epic_games | unreal_engine | 2004 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "40C1CCD5-3865-4CE0-83A8-918A74C69616",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "42D14150-8F8C-4C34-9719-6F85BAE9326E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the logging function in the Unreal engine, possibly 2003 and 2004, as used in the internal web server, allows remote attackers to cause a denial of service (application crash) via a request for a long .gif filename in the images/ directory, related to conversion from Unicode to ASCII."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n logging en Unreal engine, posiblemente 2003 y 2004, utilizado en los servidores web internos permite a atacantes remotos provocar denegaci\u00f3n de servicio (caida de aplicaci\u00f3n) a trav\u00e9s de una respuesta para un nombre de archivo largo .gif en el directorio images/, relacionado con la conversi\u00f3n de Unicode a ASCII."
}
],
"id": "CVE-2007-4442",
"lastModified": "2024-11-21T00:35:36.607",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-21T00:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://aluigi.org/adv/unrwebdos-adv.txt"
},
{
"source": "cve@mitre.org",
"url": "http://aluigi.org/poc/unrwebdos.zip"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26506"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3039"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/477026/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/25374"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36102"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://aluigi.org/adv/unrwebdos-adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://aluigi.org/poc/unrwebdos.zip"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/477026/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/25374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36102"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a ".." (dot dot) in an unreal:// URL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| microsoft | all_windows | * | |
| epic_games | unreal_engine | 226f | |
| epic_games | unreal_engine | 433 | |
| epic_games | unreal_engine | 436 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:226f:*:*:*:*:*:*:*",
"matchCriteriaId": "A99F5526-E641-464B-83A3-A9AF27AC287D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:433:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC39AE7-3145-4095-A471-C1668CAB8F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:436:*:*:*:*:*:*:*",
"matchCriteriaId": "93D14650-A8AC-4CBB-9968-0EF215623DE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a \"..\" (dot dot) in an unreal:// URL."
}
],
"id": "CVE-2003-1430",
"lastModified": "2024-11-20T23:47:07.927",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6775"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11299"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-08-21 00:17
Modified
2024-11-21 00:35
Severity ?
Summary
The UCC dedicated server for the Unreal engine, possibly 2003 and 2004, on Windows allows remote attackers to cause a denial of service (continuous beep and server slowdown) via a string containing many 0x07 characters in (1) a request to the images/ directory, (2) the Content-Type field, (3) a HEAD request, and possibly other unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| epic_games | unreal_engine | 2003 | |
| epic_games | unreal_engine | 2004 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "40C1CCD5-3865-4CE0-83A8-918A74C69616",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "42D14150-8F8C-4C34-9719-6F85BAE9326E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The UCC dedicated server for the Unreal engine, possibly 2003 and 2004, on Windows allows remote attackers to cause a denial of service (continuous beep and server slowdown) via a string containing many 0x07 characters in (1) a request to the images/ directory, (2) the Content-Type field, (3) a HEAD request, and possibly other unspecified vectors."
},
{
"lang": "es",
"value": "El servidor dedicado UCC para el Unreal engine, posiblemente 2003 y 2004, sobre Windows permite a atacantes remotos provocar denegaci\u00f3n de servicio (continuos pitidos y disminuci\u00f3n de servidor) a trav\u00e9s de una cadena que contiene varios caracteres 0x07 en (1) una respuesta en el directorio images/, (2) el campo Content-Type, (3) una respuesta HEAD, y posiblemente otros vectores no especificados."
}
],
"id": "CVE-2007-4443",
"lastModified": "2024-11-21T00:35:36.763",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-21T00:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://aluigi.org/adv/unrwebdos-adv.txt"
},
{
"source": "cve@mitre.org",
"url": "http://aluigi.org/poc/unrwebdos.zip"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26506"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3039"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/477026/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/478053/100/200/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/478064/100/200/threaded"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://aluigi.org/adv/unrwebdos-adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://aluigi.org/poc/unrwebdos.zip"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/477026/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/478053/100/200/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/478064/100/200/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36103"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-06 05:00
Modified
2024-11-20 23:48
Severity ?
Summary
The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation 390 and earlier, Mobile Forces 20000 and earlier, Nerf Arena Blast 1.2 and earlier, Postal 2 1337 and earlier, Rune 107 and earlier, Tactical Ops 3.4.0 and earlier, Unreal 1 226f and earlier, Unreal II XMP 7710 and earlier, Unreal Tournament 451b and earlier, Unreal Tournament 2003 2225 and earlier, Unreal Tournament 2004 before 3236, Wheel of Time 333b and earlier, and X-com Enforcer, allows remote attackers to execute arbitrary code via a UDP packet containing a secure query with a long value, which overwrites memory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arush | devastation | 390.0 | |
| dreamforge | tnn_outdoors_pro_hunter | * | |
| epic_games | unreal_engine | 226f | |
| epic_games | unreal_engine | 433 | |
| epic_games | unreal_engine | 436 | |
| epic_games | unreal_tournament | 451b | |
| epic_games | unreal_tournament_2003 | 2199_linux | |
| epic_games | unreal_tournament_2003 | 2199_macos | |
| epic_games | unreal_tournament_2003 | 2199_win32 | |
| epic_games | unreal_tournament_2003 | 2225_macos | |
| epic_games | unreal_tournament_2003 | 2225_win32 | |
| epic_games | unreal_tournament_2004 | macos | |
| epic_games | unreal_tournament_2004 | win32 | |
| infogrames | tacticalops | 3.4 | |
| infogrames | x-com_enforcer | * | |
| ion_storm | deusex | 1.112_fm | |
| nerf_arena_blast | nerf_arena_blast | 1.2 | |
| rage_software | mobile_forces | 20000.0 | |
| robert_jordan | wheel_of_time | 333.0b | |
| running_with_scissors | postal_2 | 1337 | |
| gentoo | linux | 1.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arush:devastation:390.0:*:*:*:*:*:*:*",
"matchCriteriaId": "91455172-A4E9-4FFE-A8BA-7F42A57E0178",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dreamforge:tnn_outdoors_pro_hunter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E1B27DC-C23A-4B9C-8BB6-8CE1CE96D834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:226f:*:*:*:*:*:*:*",
"matchCriteriaId": "A99F5526-E641-464B-83A3-A9AF27AC287D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:433:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC39AE7-3145-4095-A471-C1668CAB8F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:436:*:*:*:*:*:*:*",
"matchCriteriaId": "93D14650-A8AC-4CBB-9968-0EF215623DE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_tournament:451b:*:*:*:*:*:*:*",
"matchCriteriaId": "97F32E3A-5AAA-4339-9D13-683503ED1583",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_tournament_2003:2199_linux:*:*:*:*:*:*:*",
"matchCriteriaId": "48CB8C40-600B-47E5-95C7-69CC45511FD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_tournament_2003:2199_macos:*:*:*:*:*:*:*",
"matchCriteriaId": "74616692-4F51-48F6-9359-4BB7D669B01A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_tournament_2003:2199_win32:*:*:*:*:*:*:*",
"matchCriteriaId": "1971DEBD-F042-438D-B335-4D8BF3304EF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_tournament_2003:2225_macos:*:*:*:*:*:*:*",
"matchCriteriaId": "BA13D42B-7EF0-4D3E-94B4-6E0CDBB4DF1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_tournament_2003:2225_win32:*:*:*:*:*:*:*",
"matchCriteriaId": "69B75B3F-99B7-497E-9E1E-C49520E971D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_tournament_2004:macos:*:*:*:*:*:*:*",
"matchCriteriaId": "B5FF117A-F923-4891-9AE5-19791F71215C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_tournament_2004:win32:*:*:*:*:*:*:*",
"matchCriteriaId": "B2C8FA0D-6FEA-4C92-9759-067D96C09F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:infogrames:tacticalops:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F409A702-F5EE-429C-A208-E7A8693FCDBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:infogrames:x-com_enforcer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB1D7911-0A9A-4771-AC16-7B1017A0A094",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ion_storm:deusex:1.112_fm:*:*:*:*:*:*:*",
"matchCriteriaId": "3F029653-AF84-45D8-9508-0C65307415B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nerf_arena_blast:nerf_arena_blast:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F8DAD171-F434-4299-B5F5-BAF843BC55DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rage_software:mobile_forces:20000.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26EFB617-24C2-4FCD-AEDB-CEE4B37C6264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:robert_jordan:wheel_of_time:333.0b:*:*:*:*:*:*:*",
"matchCriteriaId": "8A8B1ED2-CACC-4FA2-9F59-E87AC64C448A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:running_with_scissors:postal_2:1337:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE50091-3C88-45F1-86A3-417886D6A97E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation 390 and earlier, Mobile Forces 20000 and earlier, Nerf Arena Blast 1.2 and earlier, Postal 2 1337 and earlier, Rune 107 and earlier, Tactical Ops 3.4.0 and earlier, Unreal 1 226f and earlier, Unreal II XMP 7710 and earlier, Unreal Tournament 451b and earlier, Unreal Tournament 2003 2225 and earlier, Unreal Tournament 2004 before 3236, Wheel of Time 333b and earlier, and X-com Enforcer, allows remote attackers to execute arbitrary code via a UDP packet containing a secure query with a long value, which overwrites memory."
},
{
"lang": "es",
"value": "El Motor de Unreal, usado en in DeusEx 1.112fm y anteriores, , Devastation 390 y anteriores, Mobile Forces 20000 y anteriores, Nerf Arena Blast 1.2 y anteriores, Postal 2 1337 y anteriores, Rune 107 y anteriores, Tactical Ops 3.4.0 y anteriores, Unreal 1 226f y anteriores, Unreal II XMP 7710 y anteriores, Unreal Tournament 451b y anteriores, Unreal Tournament 2003 2225 y anteriores, Unreal Tournament 2004 anteriores a 3236, Wheel of Time 333b y anteriores, and X-com Enforcer permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un paquete UDP conteniendo una consulta segura con un valor largo, lo que sobreescribe memoria."
}
],
"id": "CVE-2004-0608",
"lastModified": "2024-11-20T23:48:58.293",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-06T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://aluigi.altervista.org/adv/unsecure-adv.txt"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108787105023304\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-14.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10570"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16451"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://aluigi.altervista.org/adv/unsecure-adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108787105023304\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-14.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16451"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:51
Severity ?
Summary
Format string vulnerability in games using the Epic Games Unreal Engine 436 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in class names.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| epic_games | unreal_engine | 226f | |
| epic_games | unreal_engine | 433 | |
| epic_games | unreal_engine | 436 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:226f:*:*:*:*:*:*:*",
"matchCriteriaId": "A99F5526-E641-464B-83A3-A9AF27AC287D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:433:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC39AE7-3145-4095-A471-C1668CAB8F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:436:*:*:*:*:*:*:*",
"matchCriteriaId": "93D14650-A8AC-4CBB-9968-0EF215623DE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in games using the Epic Games Unreal Engine 436 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in class names."
}
],
"id": "CVE-2004-1805",
"lastModified": "2024-11-20T23:51:47.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://aluigi.altervista.org/adv/unrfs-adv.txt"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107893764406905\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107902755204583\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/11108"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/9840"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15430"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://aluigi.altervista.org/adv/unrfs-adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107893764406905\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107902755204583\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/11108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/9840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15430"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:52
Severity ?
Summary
Directory traversal vulnerability in manifest.ini in Unreal engine allows remote attackers to overwrite arbitrary files via .. (dot dot) sequences in a UMOD (Unreal MOD) file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| epic_games | unreal_engine | 433 | |
| epic_games | unreal_engine | 436 | |
| epic_games | unreal_tournament | 451b | |
| epic_games | unreal_tournament_2003 | 2199_macos | |
| epic_games | unreal_tournament_2003 | 2199_win32 | |
| epic_games | unreal_tournament_2003 | 2225_macos | |
| epic_games | unreal_tournament_2003 | 2225_win32 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:433:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC39AE7-3145-4095-A471-C1668CAB8F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:436:*:*:*:*:*:*:*",
"matchCriteriaId": "93D14650-A8AC-4CBB-9968-0EF215623DE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_tournament:451b:*:*:*:*:*:*:*",
"matchCriteriaId": "97F32E3A-5AAA-4339-9D13-683503ED1583",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_tournament_2003:2199_macos:*:*:*:*:*:*:*",
"matchCriteriaId": "74616692-4F51-48F6-9359-4BB7D669B01A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_tournament_2003:2199_win32:*:*:*:*:*:*:*",
"matchCriteriaId": "1971DEBD-F042-438D-B335-4D8BF3304EF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_tournament_2003:2225_macos:*:*:*:*:*:*:*",
"matchCriteriaId": "BA13D42B-7EF0-4D3E-94B4-6E0CDBB4DF1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_tournament_2003:2225_win32:*:*:*:*:*:*:*",
"matchCriteriaId": "69B75B3F-99B7-497E-9E1E-C49520E971D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in manifest.ini in Unreal engine allows remote attackers to overwrite arbitrary files via .. (dot dot) sequences in a UMOD (Unreal MOD) file."
}
],
"id": "CVE-2004-1958",
"lastModified": "2024-11-20T23:52:09.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://aluigi.altervista.org/adv/umod-adv.txt"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108267310519459\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/10196"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://aluigi.altervista.org/adv/umod-adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108267310519459\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/10196"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15942"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
Buffer overflow in Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (crash) via a long host string in the Unreal URL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| epic_games | unreal_engine | 226f | |
| epic_games | unreal_engine | 433 | |
| epic_games | unreal_engine | 436 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:226f:*:*:*:*:*:*:*",
"matchCriteriaId": "A99F5526-E641-464B-83A3-A9AF27AC287D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:433:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC39AE7-3145-4095-A471-C1668CAB8F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:436:*:*:*:*:*:*:*",
"matchCriteriaId": "93D14650-A8AC-4CBB-9968-0EF215623DE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (crash) via a long host string in the Unreal URL."
}
],
"id": "CVE-2003-1431",
"lastModified": "2024-11-20T23:47:08.063",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.pivx.com/luigi/adv/ueng-adv.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/6774"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11301"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.pivx.com/luigi/adv/ueng-adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/6774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11301"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via (1) a packet with a negative size value, which is treated as a large positive number during memory allocation, or (2) a negative size value in a package file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| epic_games | unreal_engine | 226f | |
| epic_games | unreal_engine | 433 | |
| epic_games | unreal_engine | 436 | |
| epic_games | unreal_tournament_2003 | 2199_linux | |
| epic_games | unreal_tournament_2003 | 2199_win32 | |
| epic_games | unreal_tournament_2003 | demo_version_2206_linux | |
| epic_games | unreal_tournament_2003 | demo_version_2206_win32 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:226f:*:*:*:*:*:*:*",
"matchCriteriaId": "A99F5526-E641-464B-83A3-A9AF27AC287D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:433:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC39AE7-3145-4095-A471-C1668CAB8F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:436:*:*:*:*:*:*:*",
"matchCriteriaId": "93D14650-A8AC-4CBB-9968-0EF215623DE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_tournament_2003:2199_linux:*:*:*:*:*:*:*",
"matchCriteriaId": "48CB8C40-600B-47E5-95C7-69CC45511FD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_tournament_2003:2199_win32:*:*:*:*:*:*:*",
"matchCriteriaId": "1971DEBD-F042-438D-B335-4D8BF3304EF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_tournament_2003:demo_version_2206_linux:*:*:*:*:*:*:*",
"matchCriteriaId": "1347D2F5-A78E-4912-950C-74C4DEC396BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_tournament_2003:demo_version_2206_win32:*:*:*:*:*:*:*",
"matchCriteriaId": "1375C10B-A6CD-48E5-8FFA-65BA4A1C315B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via (1) a packet with a negative size value, which is treated as a large positive number during memory allocation, or (2) a negative size value in a package file."
}
],
"id": "CVE-2003-1432",
"lastModified": "2024-11-20T23:47:08.210",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-05/0142.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/6770"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/6772"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11302"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11305"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-05/0142.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/6770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/6772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11305"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12012"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
},
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2007-4443
Vulnerability from cvelistv5
Published
2007-08-21 00:00
Modified
2024-08-07 14:53
Severity ?
EPSS score ?
Summary
The UCC dedicated server for the Unreal engine, possibly 2003 and 2004, on Windows allows remote attackers to cause a denial of service (continuous beep and server slowdown) via a string containing many 0x07 characters in (1) a request to the images/ directory, (2) the Content-Type field, (3) a HEAD request, and possibly other unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/477026/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/26506 | third-party-advisory, x_refsource_SECUNIA | |
| http://securityreason.com/securityalert/3039 | third-party-advisory, x_refsource_SREASON | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/36103 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/478053/100/200/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/archive/1/478064/100/200/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://aluigi.org/poc/unrwebdos.zip | x_refsource_MISC | |
| http://aluigi.org/adv/unrwebdos-adv.txt | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:53:56.042Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070818 Unexploitable buffer-overflow in the logging function of the Unreal engine",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/477026/100/0/threaded"
},
{
"name": "26506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26506"
},
{
"name": "3039",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3039"
},
{
"name": "unreal-multiple-command-dos(36103)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36103"
},
{
"name": "20070829 Re: Unexploitable buffer-overflow in the logging function of the Unreal engine",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/478053/100/200/threaded"
},
{
"name": "20070829 Re[2]: Unexploitable buffer-overflow in the logging function of the Unreal engine",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/478064/100/200/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/poc/unrwebdos.zip"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/adv/unrwebdos-adv.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The UCC dedicated server for the Unreal engine, possibly 2003 and 2004, on Windows allows remote attackers to cause a denial of service (continuous beep and server slowdown) via a string containing many 0x07 characters in (1) a request to the images/ directory, (2) the Content-Type field, (3) a HEAD request, and possibly other unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070818 Unexploitable buffer-overflow in the logging function of the Unreal engine",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/477026/100/0/threaded"
},
{
"name": "26506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26506"
},
{
"name": "3039",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3039"
},
{
"name": "unreal-multiple-command-dos(36103)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36103"
},
{
"name": "20070829 Re: Unexploitable buffer-overflow in the logging function of the Unreal engine",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/478053/100/200/threaded"
},
{
"name": "20070829 Re[2]: Unexploitable buffer-overflow in the logging function of the Unreal engine",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/478064/100/200/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/poc/unrwebdos.zip"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/adv/unrwebdos-adv.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4443",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The UCC dedicated server for the Unreal engine, possibly 2003 and 2004, on Windows allows remote attackers to cause a denial of service (continuous beep and server slowdown) via a string containing many 0x07 characters in (1) a request to the images/ directory, (2) the Content-Type field, (3) a HEAD request, and possibly other unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070818 Unexploitable buffer-overflow in the logging function of the Unreal engine",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477026/100/0/threaded"
},
{
"name": "26506",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26506"
},
{
"name": "3039",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3039"
},
{
"name": "unreal-multiple-command-dos(36103)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36103"
},
{
"name": "20070829 Re: Unexploitable buffer-overflow in the logging function of the Unreal engine",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/478053/100/200/threaded"
},
{
"name": "20070829 Re[2]: Unexploitable buffer-overflow in the logging function of the Unreal engine",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/478064/100/200/threaded"
},
{
"name": "http://aluigi.org/poc/unrwebdos.zip",
"refsource": "MISC",
"url": "http://aluigi.org/poc/unrwebdos.zip"
},
{
"name": "http://aluigi.org/adv/unrwebdos-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/unrwebdos-adv.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4443",
"datePublished": "2007-08-21T00:00:00",
"dateReserved": "2007-08-20T00:00:00",
"dateUpdated": "2024-08-07T14:53:56.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-1430
Vulnerability from cvelistv5
Published
2007-10-23 01:00
Modified
2024-08-08 02:28
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a ".." (dot dot) in an unreal:// URL.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/6775 | vdb-entry, x_refsource_BID | |
| http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html | mailing-list, x_refsource_BUGTRAQ | |
| http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11299 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6775",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6775"
},
{
"name": "20030205 Unreal engine: results of my research",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"name": "20030211 Re: Epic Games threatens to sue security researchers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"name": "ut-file-directory-traversal(11299)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11299"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a \"..\" (dot dot) in an unreal:// URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6775",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6775"
},
{
"name": "20030205 Unreal engine: results of my research",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"name": "20030211 Re: Epic Games threatens to sue security researchers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"name": "ut-file-directory-traversal(11299)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11299"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a \"..\" (dot dot) in an unreal:// URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6775",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6775"
},
{
"name": "20030205 Unreal engine: results of my research",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"name": "20030211 Re: Epic Games threatens to sue security researchers",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"name": "ut-file-directory-traversal(11299)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11299"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1430",
"datePublished": "2007-10-23T01:00:00",
"dateReserved": "2007-10-22T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1958
Vulnerability from cvelistv5
Published
2005-05-10 04:00
Modified
2024-08-08 01:07
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in manifest.ini in Unreal engine allows remote attackers to overwrite arbitrary files via .. (dot dot) sequences in a UMOD (Unreal MOD) file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://aluigi.altervista.org/adv/umod-adv.txt | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/15942 | vdb-entry, x_refsource_XF | |
| http://marc.info/?l=bugtraq&m=108267310519459&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/10196 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:07:49.132Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/umod-adv.txt"
},
{
"name": "unreal-umod-dotdot-file-overwrite(15942)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15942"
},
{
"name": "20040422 Arbitrary file overwriting in Unreal engine through UMOD",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108267310519459\u0026w=2"
},
{
"name": "10196",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10196"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in manifest.ini in Unreal engine allows remote attackers to overwrite arbitrary files via .. (dot dot) sequences in a UMOD (Unreal MOD) file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/umod-adv.txt"
},
{
"name": "unreal-umod-dotdot-file-overwrite(15942)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15942"
},
{
"name": "20040422 Arbitrary file overwriting in Unreal engine through UMOD",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108267310519459\u0026w=2"
},
{
"name": "10196",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10196"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1958",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in manifest.ini in Unreal engine allows remote attackers to overwrite arbitrary files via .. (dot dot) sequences in a UMOD (Unreal MOD) file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.altervista.org/adv/umod-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/umod-adv.txt"
},
{
"name": "unreal-umod-dotdot-file-overwrite(15942)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15942"
},
{
"name": "20040422 Arbitrary file overwriting in Unreal engine through UMOD",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108267310519459\u0026w=2"
},
{
"name": "10196",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10196"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1958",
"datePublished": "2005-05-10T04:00:00",
"dateReserved": "2005-05-04T00:00:00",
"dateUpdated": "2024-08-08T01:07:49.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-4442
Vulnerability from cvelistv5
Published
2007-08-21 00:00
Modified
2024-08-07 14:53
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the logging function in the Unreal engine, possibly 2003 and 2004, as used in the internal web server, allows remote attackers to cause a denial of service (application crash) via a request for a long .gif filename in the images/ directory, related to conversion from Unicode to ASCII.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/36102 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/477026/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/26506 | third-party-advisory, x_refsource_SECUNIA | |
| http://securityreason.com/securityalert/3039 | third-party-advisory, x_refsource_SREASON | |
| http://www.securityfocus.com/bid/25374 | vdb-entry, x_refsource_BID | |
| http://aluigi.org/poc/unrwebdos.zip | x_refsource_MISC | |
| http://aluigi.org/adv/unrwebdos-adv.txt | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:53:55.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "unreal-logging-bo(36102)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36102"
},
{
"name": "20070818 Unexploitable buffer-overflow in the logging function of the Unreal engine",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/477026/100/0/threaded"
},
{
"name": "26506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26506"
},
{
"name": "3039",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3039"
},
{
"name": "25374",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25374"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/poc/unrwebdos.zip"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/adv/unrwebdos-adv.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the logging function in the Unreal engine, possibly 2003 and 2004, as used in the internal web server, allows remote attackers to cause a denial of service (application crash) via a request for a long .gif filename in the images/ directory, related to conversion from Unicode to ASCII."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "unreal-logging-bo(36102)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36102"
},
{
"name": "20070818 Unexploitable buffer-overflow in the logging function of the Unreal engine",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/477026/100/0/threaded"
},
{
"name": "26506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26506"
},
{
"name": "3039",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3039"
},
{
"name": "25374",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25374"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/poc/unrwebdos.zip"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/adv/unrwebdos-adv.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4442",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the logging function in the Unreal engine, possibly 2003 and 2004, as used in the internal web server, allows remote attackers to cause a denial of service (application crash) via a request for a long .gif filename in the images/ directory, related to conversion from Unicode to ASCII."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "unreal-logging-bo(36102)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36102"
},
{
"name": "20070818 Unexploitable buffer-overflow in the logging function of the Unreal engine",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477026/100/0/threaded"
},
{
"name": "26506",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26506"
},
{
"name": "3039",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3039"
},
{
"name": "25374",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25374"
},
{
"name": "http://aluigi.org/poc/unrwebdos.zip",
"refsource": "MISC",
"url": "http://aluigi.org/poc/unrwebdos.zip"
},
{
"name": "http://aluigi.org/adv/unrwebdos-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/unrwebdos-adv.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4442",
"datePublished": "2007-08-21T00:00:00",
"dateReserved": "2007-08-20T00:00:00",
"dateUpdated": "2024-08-07T14:53:55.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0608
Vulnerability from cvelistv5
Published
2004-06-30 04:00
Modified
2024-08-08 00:24
Severity ?
EPSS score ?
Summary
The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation 390 and earlier, Mobile Forces 20000 and earlier, Nerf Arena Blast 1.2 and earlier, Postal 2 1337 and earlier, Rune 107 and earlier, Tactical Ops 3.4.0 and earlier, Unreal 1 226f and earlier, Unreal II XMP 7710 and earlier, Unreal Tournament 451b and earlier, Unreal Tournament 2003 2225 and earlier, Unreal Tournament 2004 before 3236, Wheel of Time 333b and earlier, and X-com Enforcer, allows remote attackers to execute arbitrary code via a UDP packet containing a secure query with a long value, which overwrites memory.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/10570 | vdb-entry, x_refsource_BID | |
| http://www.gentoo.org/security/en/glsa/glsa-200407-14.xml | vendor-advisory, x_refsource_GENTOO | |
| http://marc.info/?l=bugtraq&m=108787105023304&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://aluigi.altervista.org/adv/unsecure-adv.txt | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16451 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "10570",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10570"
},
{
"name": "GLSA-200407-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-14.xml"
},
{
"name": "20040618 Code execution in the Unreal Engine through \\secure\\ packet",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108787105023304\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/unsecure-adv.txt"
},
{
"name": "unreal-secure-query-command-execute(16451)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16451"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation 390 and earlier, Mobile Forces 20000 and earlier, Nerf Arena Blast 1.2 and earlier, Postal 2 1337 and earlier, Rune 107 and earlier, Tactical Ops 3.4.0 and earlier, Unreal 1 226f and earlier, Unreal II XMP 7710 and earlier, Unreal Tournament 451b and earlier, Unreal Tournament 2003 2225 and earlier, Unreal Tournament 2004 before 3236, Wheel of Time 333b and earlier, and X-com Enforcer, allows remote attackers to execute arbitrary code via a UDP packet containing a secure query with a long value, which overwrites memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "10570",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10570"
},
{
"name": "GLSA-200407-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-14.xml"
},
{
"name": "20040618 Code execution in the Unreal Engine through \\secure\\ packet",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108787105023304\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/unsecure-adv.txt"
},
{
"name": "unreal-secure-query-command-execute(16451)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16451"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0608",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation 390 and earlier, Mobile Forces 20000 and earlier, Nerf Arena Blast 1.2 and earlier, Postal 2 1337 and earlier, Rune 107 and earlier, Tactical Ops 3.4.0 and earlier, Unreal 1 226f and earlier, Unreal II XMP 7710 and earlier, Unreal Tournament 451b and earlier, Unreal Tournament 2003 2225 and earlier, Unreal Tournament 2004 before 3236, Wheel of Time 333b and earlier, and X-com Enforcer, allows remote attackers to execute arbitrary code via a UDP packet containing a secure query with a long value, which overwrites memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "10570",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10570"
},
{
"name": "GLSA-200407-14",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-14.xml"
},
{
"name": "20040618 Code execution in the Unreal Engine through \\secure\\ packet",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108787105023304\u0026w=2"
},
{
"name": "http://aluigi.altervista.org/adv/unsecure-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/unsecure-adv.txt"
},
{
"name": "unreal-secure-query-command-execute(16451)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16451"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0608",
"datePublished": "2004-06-30T04:00:00",
"dateReserved": "2004-06-29T00:00:00",
"dateUpdated": "2024-08-08T00:24:26.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-1432
Vulnerability from cvelistv5
Published
2007-10-23 01:00
Modified
2024-08-08 02:28
Severity ?
EPSS score ?
Summary
Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via (1) a packet with a negative size value, which is treated as a large positive number during memory allocation, or (2) a negative size value in a package file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11302 | vdb-entry, x_refsource_XF | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11305 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/6770 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/bid/6772 | vdb-entry, x_refsource_BID | |
| http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html | mailing-list, x_refsource_BUGTRAQ | |
| http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/12012 | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/bugtraq/2003-05/0142.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.738Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ut-packet-dos(11302)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11302"
},
{
"name": "ut-negative-memory-corruption(11305)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11305"
},
{
"name": "6770",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6770"
},
{
"name": "6772",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6772"
},
{
"name": "20030205 Unreal engine: results of my research",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"name": "20030211 Re: Epic Games threatens to sue security researchers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"name": "ut-negative-udp-dos(12012)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12012"
},
{
"name": "20030513 UT2003 client passive DoS exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-05/0142.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via (1) a packet with a negative size value, which is treated as a large positive number during memory allocation, or (2) a negative size value in a package file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ut-packet-dos(11302)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11302"
},
{
"name": "ut-negative-memory-corruption(11305)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11305"
},
{
"name": "6770",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6770"
},
{
"name": "6772",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6772"
},
{
"name": "20030205 Unreal engine: results of my research",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"name": "20030211 Re: Epic Games threatens to sue security researchers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"name": "ut-negative-udp-dos(12012)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12012"
},
{
"name": "20030513 UT2003 client passive DoS exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-05/0142.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1432",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via (1) a packet with a negative size value, which is treated as a large positive number during memory allocation, or (2) a negative size value in a package file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ut-packet-dos(11302)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11302"
},
{
"name": "ut-negative-memory-corruption(11305)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11305"
},
{
"name": "6770",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6770"
},
{
"name": "6772",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6772"
},
{
"name": "20030205 Unreal engine: results of my research",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"name": "20030211 Re: Epic Games threatens to sue security researchers",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"name": "ut-negative-udp-dos(12012)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12012"
},
{
"name": "20030513 UT2003 client passive DoS exploit",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-05/0142.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1432",
"datePublished": "2007-10-23T01:00:00",
"dateReserved": "2007-10-22T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.738Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-1433
Vulnerability from cvelistv5
Published
2007-10-23 01:00
Modified
2024-08-08 02:28
Severity ?
EPSS score ?
Summary
Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining the game multiple times.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/6771 | vdb-entry, x_refsource_BID | |
| http://www.pivx.com/luigi/adv/ueng-adv.txt | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11304 | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html | mailing-list, x_refsource_BUGTRAQ | |
| http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.574Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6771",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6771"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.pivx.com/luigi/adv/ueng-adv.txt"
},
{
"name": "ut-join-request-dos(11304)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11304"
},
{
"name": "20030205 Unreal engine: results of my research",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"name": "20030211 Re: Epic Games threatens to sue security researchers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining the game multiple times."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6771",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6771"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.pivx.com/luigi/adv/ueng-adv.txt"
},
{
"name": "ut-join-request-dos(11304)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11304"
},
{
"name": "20030205 Unreal engine: results of my research",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"name": "20030211 Re: Epic Games threatens to sue security researchers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1433",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining the game multiple times."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6771",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6771"
},
{
"name": "http://www.pivx.com/luigi/adv/ueng-adv.txt",
"refsource": "MISC",
"url": "http://www.pivx.com/luigi/adv/ueng-adv.txt"
},
{
"name": "ut-join-request-dos(11304)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11304"
},
{
"name": "20030205 Unreal engine: results of my research",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"name": "20030211 Re: Epic Games threatens to sue security researchers",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1433",
"datePublished": "2007-10-23T01:00:00",
"dateReserved": "2007-10-22T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-1431
Vulnerability from cvelistv5
Published
2007-10-23 01:00
Modified
2024-08-08 02:28
Severity ?
EPSS score ?
Summary
Buffer overflow in Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (crash) via a long host string in the Unreal URL.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11301 | vdb-entry, x_refsource_XF | |
| http://www.pivx.com/luigi/adv/ueng-adv.txt | x_refsource_MISC | |
| http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html | mailing-list, x_refsource_BUGTRAQ | |
| http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/6774 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ut-url-memory-corruption(11301)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11301"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.pivx.com/luigi/adv/ueng-adv.txt"
},
{
"name": "20030205 Unreal engine: results of my research",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"name": "20030211 Re: Epic Games threatens to sue security researchers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"name": "6774",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6774"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (crash) via a long host string in the Unreal URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ut-url-memory-corruption(11301)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11301"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.pivx.com/luigi/adv/ueng-adv.txt"
},
{
"name": "20030205 Unreal engine: results of my research",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"name": "20030211 Re: Epic Games threatens to sue security researchers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"name": "6774",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6774"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (crash) via a long host string in the Unreal URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ut-url-memory-corruption(11301)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11301"
},
{
"name": "http://www.pivx.com/luigi/adv/ueng-adv.txt",
"refsource": "MISC",
"url": "http://www.pivx.com/luigi/adv/ueng-adv.txt"
},
{
"name": "20030205 Unreal engine: results of my research",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"name": "20030211 Re: Epic Games threatens to sue security researchers",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"name": "6774",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6774"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1431",
"datePublished": "2007-10-23T01:00:00",
"dateReserved": "2007-10-22T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1805
Vulnerability from cvelistv5
Published
2005-05-10 04:00
Modified
2024-08-08 01:07
Severity ?
EPSS score ?
Summary
Format string vulnerability in games using the Epic Games Unreal Engine 436 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in class names.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/15430 | vdb-entry, x_refsource_XF | |
| http://marc.info/?l=bugtraq&m=107893764406905&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://aluigi.altervista.org/adv/unrfs-adv.txt | x_refsource_MISC | |
| http://secunia.com/advisories/11108 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/9840 | vdb-entry, x_refsource_BID | |
| http://marc.info/?l=bugtraq&m=107902755204583&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:07:47.928Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ut-class-format-string(15430)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15430"
},
{
"name": "20040310 Format string bug in EpicGames Unreal engine",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107893764406905\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/unrfs-adv.txt"
},
{
"name": "11108",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11108"
},
{
"name": "9840",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9840"
},
{
"name": "20040311 Re: Format string bug in EpicGames Unreal engine",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107902755204583\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-03-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in games using the Epic Games Unreal Engine 436 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in class names."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ut-class-format-string(15430)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15430"
},
{
"name": "20040310 Format string bug in EpicGames Unreal engine",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107893764406905\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/unrfs-adv.txt"
},
{
"name": "11108",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11108"
},
{
"name": "9840",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9840"
},
{
"name": "20040311 Re: Format string bug in EpicGames Unreal engine",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107902755204583\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1805",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in games using the Epic Games Unreal Engine 436 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in class names."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ut-class-format-string(15430)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15430"
},
{
"name": "20040310 Format string bug in EpicGames Unreal engine",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107893764406905\u0026w=2"
},
{
"name": "http://aluigi.altervista.org/adv/unrfs-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/unrfs-adv.txt"
},
{
"name": "11108",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11108"
},
{
"name": "9840",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9840"
},
{
"name": "20040311 Re: Format string bug in EpicGames Unreal engine",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107902755204583\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1805",
"datePublished": "2005-05-10T04:00:00",
"dateReserved": "2005-05-04T00:00:00",
"dateUpdated": "2024-08-08T01:07:47.928Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}