Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1958

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-1958
Last Modified 05 Sep 2008 04:42:48
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1958

Summary

Directory traversal vulnerability in manifest.ini in Unreal engine allows remote attackers to overwrite arbitrary files via .. (dot dot) sequences in a UMOD (Unreal MOD) file.

Vulnerable Systems

Application

  • Epic Games Unreal Engine 433

  • Epic Games Unreal Engine 436

  • Epic Games Unreal Tournament 2003 2199 Macos

  • Epic Games Unreal Tournament 2003 2199 Win32

  • Epic Games Unreal Tournament 2003 2225 Macos

  • Epic Games Unreal Tournament 2003 2225 Win32

  • Epic Games Unreal Tournament 451b


References

XF - unreal-umod-dotdot-file-overwrite(15942)

BID - 10196

MISC - http://aluigi.altervista.org/adv/umod-adv.txt

BUGTRAQ - 20040422 Arbitrary file overwriting in Unreal engine through UMOD


Last Updated: 27 May 2016 10:39:15