Stack-based Buffer Overflow in Unreal Engine's Logging Function
CVE-2007-4442

Currently unrated

Key Information:

Vendor

Epic Games

Status
Unreal Engine
Vendor
CVE Published:
21 August 2007

What is CVE-2007-4442?

A stack-based buffer overflow vulnerability exists in the logging function of Unreal Engine, affecting versions 2003 and 2004. This security issue arises from the internal web server's handling of long .gif filenames in the images/ directory. An attacker can exploit this vulnerability by sending a specially crafted request that causes a denial of service, leading to an application crash. The flaw is related to the conversion process from Unicode to ASCII, which is inadequate for handling excessively long input. Remediation steps should be taken to mitigate the risk posed by potential exploitation.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/36102
vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/477026/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/26506
third-party-advisoryx_refsource_SECUNIA

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2007-4442 : Stack-based Buffer Overflow in Unreal Engine's Logging Function