Vulnerabilities > CVE-2003-1432 - Numeric Errors vulnerability in Epic Games Unreal Engine and Unreal Tournament 2003

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

epic-games

CWE-189

nessus

NVD

Published: 2003-12-31

Updated: 2024-11-20

Summary

Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via (1) a packet with a negative size value, which is treated as a large positive number during memory allocation, or (2) a negative size value in a package file.

Vulnerable Configurations

Part	Description	Count
Application	Epic_Games Epic Games Unreal Engine 436 Epic Games Unreal Engine 226F Epic Games Unreal Engine 433 Epic Games Unreal Tournament 2003 2199_Linux Epic Games Unreal Tournament 2003 2199_Win32 Epic Games Unreal Tournament 2003 Demo_Version_2206_Linux Epic Games Unreal Tournament 2003 Demo_Version_2206_Win32	7

Common Weakness Enumeration (CWE)

CWE-189 - Numeric Errors

Nessus

NASL family	Gain a shell remotely
NASL id	UNREAL_GAME_ENGINE.NASL
description	The Unreal Engine in use on the remote game server is vulnerable to various attacks that may allow an attacker to use it as a distributed denial of service source or to execute arbitrary code on this host. Note that Nessus appears to have disabled this service while testing for these flaws.
last seen	2020-06-01
modified	2020-06-02
plugin id	11228
published	2003-02-12
reporter	This script is Copyright (C) 2003-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/11228
title	Unreal Engine Multiple Remote Vulnerabilities

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

References