RSS   Vulnerabilities for 'Unreal engine'   RSS

2010-07-12
 
CVE-2010-2702

CWE-119
 

 
Buffer overflow in the UGameEngine::UpdateConnectingMessage function in the Unreal engine 1, 2, and 2.5, as used in multiple games including Unreal Tournament 2004, Unreal tournament 2003, Postal 2, Raven Shield, and SWAT4, when downloads are enabled, allows remote attackers to execute arbitrary code via a long LEVEL field in a WELCOME response to a download request.

 
2009-03-09
 
CVE-2008-6441

CWE-134
 

 
Format string vulnerability in the Epic Games Unreal engine client, as used in multiple games, allows remote servers to execute arbitrary code via (1) the CLASS parameter in a DLMGR command, (2) a malformed package (PKG), and possibly (3) the LEVEL parameter in a WELCOME command.

 

 >>> Vendor: Epicgames 6 Products
Unreal engine
Unreal tournament 2003
Unreal tournament 2004
Postal 2
Swat 4
Raven shield


Copyright 2024, cxsecurity.com

 

Back to Top