Epic Games Unreal Engine Logging Function - Remote Denial of Service Vulnerability

2014-07-01T00:00:00
ID SSV:83896
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/25374/info

The Unreal Engine is prone to a remote denial-of-service vulnerability because the application fails to properly bounds-check user-supplied input.

Successfully exploiting this issue allows remote attackers to corrupt application memory in a manner that causes a crash. Remote code execution may be possible, but this has not been confirmed.

Versions of Unreal Engine that are included in Unreal Tournament 2003 and 2004 are vulnerable. Given the reuse of the engine in multiple other products, other games and versions are also likely vulnerable.

This vulnerability also affects America's Army 2.8.2 when Punkbuster is enabled on the local server; other versions may also be vulnerable. 

http://www.exploit-db.com/sploits/30513-1.zip
http://www.exploit-db.com/sploits/30513-2.zip