FKIE_CVE-2010-2702

Vulnerability from fkie_nvd - Published: 2010-07-12 17:30 - Updated: 2025-04-11 00:51
Severity ?
Summary
Buffer overflow in the UGameEngine::UpdateConnectingMessage function in the Unreal engine 1, 2, and 2.5, as used in multiple games including Unreal Tournament 2004, Unreal tournament 2003, Postal 2, Raven Shield, and SWAT4, when downloads are enabled, allows remote attackers to execute arbitrary code via a long LEVEL field in a WELCOME response to a download request.
References
cve@mitre.orghttp://aluigi.altervista.org/adv/unrealcbof-adv.txtExploit
cve@mitre.orghttp://aluigi.org/poc/unrealcbof.txtExploit
cve@mitre.orghttp://osvdb.org/66039
cve@mitre.orghttp://secunia.com/advisories/40466Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/60142
af854a3a-2127-422b-91ae-364da2661108http://aluigi.altervista.org/adv/unrealcbof-adv.txtExploit
af854a3a-2127-422b-91ae-364da2661108http://aluigi.org/poc/unrealcbof.txtExploit
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/66039
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/40466Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/60142
Impacted products
Vendor Product Version
epicgames unreal_engine 1
epicgames unreal_engine 2
epicgames unreal_engine 2.5
epicgames postal_2 *
epicgames raven_shield *
epicgames swat_4 *
epicgames unreal_tournament_2003 *
epicgames unreal_tournament_2004 *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:epicgames:unreal_engine:1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09B8824F-CCAA-4756-BD0B-000CD162FAAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:epicgames:unreal_engine:2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DB76B1A-D2AF-4BC7-B3FB-F9C3D8B7077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:epicgames:unreal_engine:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C9F2B6F-7334-43F0-AE5E-70EDC79052A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:epicgames:postal_2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8DE3D5B-0A6C-4BD2-8AEF-DE4EFD93D137",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:epicgames:raven_shield:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4FC0308-0B20-467D-AB64-68F939E7785A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:epicgames:swat_4:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2478849A-9FAB-45B3-A99B-07CCD1981A28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:epicgames:unreal_tournament_2003:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "62D13823-D9BD-427E-8CC5-8590D0C3037C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:epicgames:unreal_tournament_2004:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6949154C-5F12-441D-8BAF-A096CE25DCCD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the UGameEngine::UpdateConnectingMessage function in the Unreal engine 1, 2, and 2.5, as used in multiple games including Unreal Tournament 2004, Unreal tournament 2003, Postal 2, Raven Shield, and SWAT4, when downloads are enabled, allows remote attackers to execute arbitrary code via a long LEVEL field in a WELCOME response to a download request."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer en la funci\u00f3n UGameEngine::UpdateConnectingMessage en el motor de Unreal v1, v2 y v2.5, tal como se utiliza en m\u00faltiples juegos, incluyendo Unreal Tournament 2004, Unreal tournament 2003, Postal 2, Raven Shield y SWAT4, cuando las descargas est\u00e1n permitidas, permite ejecutar c\u00f3digo arbitrario a atacantes remotos a trav\u00e9s de un campo LEVEL demasiado largo en una respuesta WELCOME a una solicitud de descarga."
    }
  ],
  "id": "CVE-2010-2702",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2010-07-12T17:30:03.187",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://aluigi.altervista.org/adv/unrealcbof-adv.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://aluigi.org/poc/unrealcbof.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/66039"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/40466"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60142"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://aluigi.altervista.org/adv/unrealcbof-adv.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://aluigi.org/poc/unrealcbof.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/66039"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/40466"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60142"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.