CVSS: 4.0EPSS: 5%CPEs: 8EXPL: 3CVE-2008-7011 – Unreal Engine - 'UnChan.cpp' Failed Assertion Remote Denial of Service
https://notcve.org/view.php?id=CVE-2008-7011
The Unreal engine, as used in Unreal Tournament 3 1.3, Unreal Tournament 2003 and 2004, Dead Man's Hand, Pariah, WarPath, Postal2, and Shadow Ops, allows remote authenticated users to cause a denial of service (server exit) via multiple file downloads from the server, which triggers an assertion failure when the Closing flag in UnChan.cpp is set. El motor de Unreal, el utilizado en Unreal Tournament v3 1.3, Unreal Tournament 2003 y 2004, Dead Man's Hand, Pariah, WarPath, Postal2, y Shadow Ops, permite a usuarios remotos autenticados producir una denegación de servicio (salida de servidor) a través de múltiples descargas de ficheros desde el servidor, lo que inicia un fallo de aserción cuando la marca (flag) de cierre en UnChan.cpp esta activado. • https://www.exploit-db.com/exploits/32386 http://archives.neohapsis.com/archives/fulldisclosure/2008-09/0321.html http://osvdb.org/48293 http://www.securityfocus.com/archive/1/496399/100/0/threaded http://www.securityfocus.com/bid/31205 • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 1%CPEs: 7EXPL: 3CVE-2004-1958 – Epic Games Unreal Tournament Engine 3 - UMOD Manifest.INI Arbitrary File Overwrite
https://notcve.org/view.php?id=CVE-2004-1958
Directory traversal vulnerability in manifest.ini in Unreal engine allows remote attackers to overwrite arbitrary files via .. (dot dot) sequences in a UMOD (Unreal MOD) file. • https://www.exploit-db.com/exploits/24041 http://aluigi.altervista.org/adv/umod-adv.txt http://marc.info/?l=bugtraq&m=108267310519459&w=2 http://www.securityfocus.com/bid/10196 https://exchange.xforce.ibmcloud.com/vulnerabilities/15942 •
CVSS: 10.0EPSS: 62%CPEs: 21EXPL: 4CVE-2004-0608 – Unreal Tournament 2004 (Linux) - 'secure' Remote Overflow
https://notcve.org/view.php?id=CVE-2004-0608
The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation 390 and earlier, Mobile Forces 20000 and earlier, Nerf Arena Blast 1.2 and earlier, Postal 2 1337 and earlier, Rune 107 and earlier, Tactical Ops 3.4.0 and earlier, Unreal 1 226f and earlier, Unreal II XMP 7710 and earlier, Unreal Tournament 451b and earlier, Unreal Tournament 2003 2225 and earlier, Unreal Tournament 2004 before 3236, Wheel of Time 333b and earlier, and X-com Enforcer, allows remote attackers to execute arbitrary code via a UDP packet containing a secure query with a long value, which overwrites memory. El Motor de Unreal, usado en in DeusEx 1.112fm y anteriores, , Devastation 390 y anteriores, Mobile Forces 20000 y anteriores, Nerf Arena Blast 1.2 y anteriores, Postal 2 1337 y anteriores, Rune 107 y anteriores, Tactical Ops 3.4.0 y anteriores, Unreal 1 226f y anteriores, Unreal II XMP 7710 y anteriores, Unreal Tournament 451b y anteriores, Unreal Tournament 2003 2225 y anteriores, Unreal Tournament 2004 anteriores a 3236, Wheel of Time 333b y anteriores, and X-com Enforcer permite a atacantes remotos ejecutar código de su elección mediante un paquete UDP conteniendo una consulta segura con un valor largo, lo que sobreescribe memoria. • https://www.exploit-db.com/exploits/16848 https://www.exploit-db.com/exploits/10032 https://www.exploit-db.com/exploits/16693 http://aluigi.altervista.org/adv/unsecure-adv.txt http://marc.info/?l=bugtraq&m=108787105023304&w=2 http://www.gentoo.org/security/en/glsa/glsa-200407-14.xml http://www.securityfocus.com/bid/10570 https://exchange.xforce.ibmcloud.com/vulnerabilities/16451 •