Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3409

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-3409
Last Modified 07 Mar 2011 10:10:44
Published 31 Jul 2008 01:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3409

Summary

Buffer overflow in Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a UDP packet containing a large value in a certain size field, followed by a data string of that size, aka attack 1 in ut3mendo.c.

Vulnerable Systems

Application

  • Epic Games Unreal Tournament 3 1.1

  • Epic Games Unreal Tournament 3 1.2

  • Epic Games Unreal Tournament 3 1.3


References

XF - unrealtournament3-packettype-code-execution(44105)

VUPEN - ADV-2008-2260

BID - 30430

BUGTRAQ - 20080729 Memory corruption and NULL pointer in Unreal Tournament III 1.2

SECUNIA - 31265

MISC - http://aluigi.org/poc/ut3mendo.zip

MISC - http://aluigi.altervista.org/adv/ut3mendo-adv.txt


Last Updated: 27 May 2016 10:48:12