Vulnerabilities > Epic Games

DATE CVE VULNERABILITY TITLE RISK
2009-08-19 CVE-2008-7015 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Unreal engine 3, as used in Unreal Tournament 3 1.3, Frontlines: Fuel of War 1.1.1, and other products, allows remote attackers to cause a denial of service (server exit) via a packet with a large length value that triggers a memory allocation failure.
network
low complexity
epic-games frontlines CWE-119
5.0
2009-08-19 CVE-2008-7011 Resource Management Errors vulnerability in multiple products
The Unreal engine, as used in Unreal Tournament 3 1.3, Unreal Tournament 2003 and 2004, Dead Man's Hand, Pariah, WarPath, Postal2, and Shadow Ops, allows remote authenticated users to cause a denial of service (server exit) via multiple file downloads from the server, which triggers an assertion failure when the Closing flag in UnChan.cpp is set.
4.0
2008-09-25 CVE-2008-4243 Path Traversal vulnerability in Epic Games Unreal Tournament 3 1.3
Directory traversal vulnerability in ImageServer (aka UTImageServer) in WebAdmin before 1.7 for Epic Games Unreal Tournament 3 (UT3) 1.3 allows remote attackers to read arbitrary files via a ..
network
low complexity
epic-games CWE-22
7.8
2008-07-31 CVE-2008-3410 Improper Input Validation vulnerability in Epic Games Unreal Tournament 3 1.1/1.2
Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a UDP packet in which the value of a certain size field is greater than the total packet length, aka attack 2 in ut3mendo.c.
network
low complexity
epic-games CWE-20
5.0
2008-07-31 CVE-2008-3409 Buffer Errors vulnerability in Epic Games Unreal Tournament 3 1.1/1.2
Buffer overflow in Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a UDP packet containing a large value in a certain size field, followed by a data string of that size, aka attack 1 in ut3mendo.c.
network
low complexity
epic-games CWE-119
7.5
2008-07-31 CVE-2008-3396 Improper Input Validation vulnerability in Epic Games Unreal Tournament 2004 3120/3334
Unreal Tournament 2004 (UT2004) 3369 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a certain sequence of malformed packets.
network
low complexity
epic-games CWE-20
5.0
2007-08-21 CVE-2007-4443 Denial-Of-Service vulnerability in Epic Games Unreal Engine 2003/2004
The UCC dedicated server for the Unreal engine, possibly 2003 and 2004, on Windows allows remote attackers to cause a denial of service (continuous beep and server slowdown) via a string containing many 0x07 characters in (1) a request to the images/ directory, (2) the Content-Type field, (3) a HEAD request, and possibly other unspecified vectors.
network
low complexity
epic-games
5.0
2007-08-21 CVE-2007-4442 Remote Denial of Service vulnerability in Epic Games Unreal Engine 2003/2004
Stack-based buffer overflow in the logging function in the Unreal engine, possibly 2003 and 2004, as used in the internal web server, allows remote attackers to cause a denial of service (application crash) via a request for a long .gif filename in the images/ directory, related to conversion from Unicode to ASCII.
network
low complexity
epic-games
5.0
2004-12-31 CVE-2004-1958 Remote Arbitrary File Overwrite vulnerability in Epic Games products
Directory traversal vulnerability in manifest.ini in Unreal engine allows remote attackers to overwrite arbitrary files via ..
network
low complexity
epic-games
5.0
2004-12-31 CVE-2004-1805 Remote Format String vulnerability in Epic Games Unreal Engine 226F/433/436
Format string vulnerability in games using the Epic Games Unreal Engine 436 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in class names.
network
low complexity
epic-games
5.0