Lucene search

[email protected]CVE-2003-1433

HistoryDec 31, 2003 - 5:00 a.m.

CVE-2003-1433

2003-12-3105:00:00

CWE-287

[email protected]

web.nvd.nist.gov

epic games

unreal engine

cve-2003-1433

nvd

remote attacker

player limit exhaustion

7 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.014 Low

EPSS

Percentile

86.4%

JSON

Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining the game multiple times.

CPENameOperatorVersion
epic_games:unreal_engineepic games unreal engineeq436
epic_games:unreal_engineepic games unreal engineeq226f
epic_games:unreal_engineepic games unreal engineeq433

CPE	Name	Operator	Version
epic_games:unreal_engine	epic games unreal engine	eq	436
epic_games:unreal_engine	epic games unreal engine	eq	226f
epic_games:unreal_engine	epic games unreal engine	eq	433

References

archives.neohapsis.com/archives/bugtraq/2003-02/0063.html

archives.neohapsis.com/archives/bugtraq/2003-02/0142.html

www.pivx.com/luigi/adv/ueng-adv.txt

www.securityfocus.com/bid/6771

exchange.xforce.ibmcloud.com/vulnerabilities/11304

7 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.014 Low

EPSS

Percentile

86.4%

JSON

Related for CVE-2003-1433

cvelist1 nessus1