Lucene search

[email protected]CVE-2008-7011

HistoryAug 19, 2009 - 10:30 a.m.

CVE-2008-7011

2009-08-1910:30:00

CWE-399

[email protected]

web.nvd.nist.gov

unreal engine

denial of service

remote authentication

cve-2008-7011

nvd

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

High

0.058 Low

EPSS

Percentile

93.4%

JSON

The Unreal engine, as used in Unreal Tournament 3 1.3, Unreal Tournament 2003 and 2004, Dead Man’s Hand, Pariah, WarPath, Postal2, and Shadow Ops, allows remote authenticated users to cause a denial of service (server exit) via multiple file downloads from the server, which triggers an assertion failure when the Closing flag in UnChan.cpp is set.

Affected configurations

NVD

Node

digital_extremepariah

epic_gamesunreal_tournamentMatch31.3

epic_gamesunreal_tournamentMatch2003

epic_gamesunreal_tournamentMatch2004

groove_gameswarpath

human_head_studiosdead_mans_hand

red_mercuryshadow_ops

whiptail_interactivepostalMatch2

CPENameOperatorVersion
digital_extreme:pariahdigital extreme pariaheq*
epic_games:unreal_tournamentepic games unreal tournamenteq3
epic_games:unreal_tournamentepic games unreal tournamenteq2003
epic_games:unreal_tournamentepic games unreal tournamenteq2004
groove_games:warpathgroove games warpatheq*
human_head_studios:dead_mans_handhuman head studios dead mans handeq*
red_mercury:shadow_opsred mercury shadow opseq*
whiptail_interactive:postalwhiptail interactive postaleq2

CPE	Name	Operator	Version
digital_extreme:pariah	digital extreme pariah	eq	*
epic_games:unreal_tournament	epic games unreal tournament	eq	3
epic_games:unreal_tournament	epic games unreal tournament	eq	2003
epic_games:unreal_tournament	epic games unreal tournament	eq	2004
groove_games:warpath	groove games warpath	eq	*
human_head_studios:dead_mans_hand	human head studios dead mans hand	eq	*
red_mercury:shadow_ops	red mercury shadow ops	eq	*
whiptail_interactive:postal	whiptail interactive postal	eq	2

References

archives.neohapsis.com/archives/fulldisclosure/2008-09/0321.html

osvdb.org/48293

www.securityfocus.com/archive/1/496399/100/0/threaded

www.securityfocus.com/bid/31205

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

High

0.058 Low

EPSS

Percentile

93.4%

JSON

Related for CVE-2008-7011

cvelist1 prion1 nvd1