6.7 Medium
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.045 Low
EPSS
Percentile
92.5%
The UCC dedicated server for the Unreal engine, possibly 2003 and 2004, on Windows allows remote attackers to cause a denial of service (continuous beep and server slowdown) via a string containing many 0x07 characters in (1) a request to the images/ directory, (2) the Content-Type field, (3) a HEAD request, and possibly other unspecified vectors.
CPE | Name | Operator | Version |
---|---|---|---|
epic_games:unreal_engine | epic games unreal engine | eq | 2003 |
epic_games:unreal_engine | epic games unreal engine | eq | 2004 |
aluigi.org/adv/unrwebdos-adv.txt
aluigi.org/poc/unrwebdos.zip
secunia.com/advisories/26506
securityreason.com/securityalert/3039
www.securityfocus.com/archive/1/477026/100/0/threaded
www.securityfocus.com/archive/1/478053/100/200/threaded
www.securityfocus.com/archive/1/478064/100/200/threaded
exchange.xforce.ibmcloud.com/vulnerabilities/36103