CVE-2007-4442 - Stack-based buffer overflow in the logging function in the Unreal engine, possibly 2003 and 2004, as

CVE-2007-4442

Summary

Stack-based buffer overflow in the logging function in the Unreal engine, possibly 2003 and 2004, as used in the internal web server, allows remote attackers to cause a denial of service (application crash) via a request for a long .gif filename in the images/ directory, related to conversion from Unicode to ASCII.

References

Vulnerable Configurations

cpe:2.3:a:epic_games:unreal_engine:2003:*:*:*:*:*:*:*
cpe:2.3:a:epic_games:unreal_engine:2003:*:*:*:*:*:*:*
cpe:2.3:a:epic_games:unreal_engine:2004:*:*:*:*:*:*:*
cpe:2.3:a:epic_games:unreal_engine:2004:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 15-10-2018 - 21:35)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	25374
bugtraq	20070818 Unexploitable buffer-overflow in the logging function of the Unreal engine
misc	http://aluigi.org/adv/unrwebdos-adv.txt http://aluigi.org/poc/unrwebdos.zip
secunia	26506
sreason	3039
xf	unreal-logging-bo(36102)

Last major update

15-10-2018 - 21:35

Published

21-08-2007 - 00:17

Last modified

15-10-2018 - 21:35