Format String Vulnerability in Epic Games Unreal Engine 436
CVE-2004-1805

Currently unrated

Key Information:

Vendor: Epic Games
Status: Unreal Engine
Vendor: CVE Published:; 31 December 2004

What is CVE-2004-1805?

A format string vulnerability exists in games utilizing Epic Games Unreal Engine 436. This flaw enables remote attackers to exploit format string specifiers in class names, leading to potential denial of service through application crashes and the possibility of executing arbitrary code. Proper validation and sanitization measures should be implemented to mitigate the associated risks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/15430

vdb-entryx_refsource_XF

http://marc.info/?l=bugtraq&m=107893764406905&w=2

mailing-listx_refsource_BUGTRAQ

http://aluigi.altervista.org/adv/unrfs-adv.txt

x_refsource_MISC

EPSS Score

12% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
May 4, 2005
Vulnerability published
Dec 31, 2004

JSON