Vulnerabilities > CVE-2004-1958 - Remote Arbitrary File Overwrite vulnerability in Epic Games products

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
epic-games
exploit available

Summary

Directory traversal vulnerability in manifest.ini in Unreal engine allows remote attackers to overwrite arbitrary files via .. (dot dot) sequences in a UMOD (Unreal MOD) file.

Exploit-Db

descriptionEpic Games Unreal Tournament Engine 3 UMOD Manifest.INI Remote Arbitrary File Overwrite Vulnerability. CVE-2004-1958. Remote exploits for multiple platform
idEDB-ID:24041
last seen2016-02-02
modified2004-04-22
published2004-04-22
reporterLuigi Auriemma
sourcehttps://www.exploit-db.com/download/24041/
titleEpic Games Unreal Tournament Engine 3 - UMOD Manifest.INI Remote Arbitrary File Overwrite Vulnerability