Denial of Service Vulnerability in Unreal Engine Dedicated Server by Epic Games
CVE-2007-4443

Currently unrated

Key Information:

Vendor: Epic Games
Status: Unreal Engine
Vendor: CVE Published:; 21 August 2007

What is CVE-2007-4443?

The Unreal Engine dedicated server for versions 2003 and 2004 presents a vulnerability that allows remote attackers to induce a denial of service. Attackers can exploit this flaw by sending a specially crafted string containing multiple 0x07 characters through various request mechanisms, such as the images/ directory, the Content-Type field, and HEAD requests. This results in the server experiencing continuous beeping and performance degradation, which disrupts normal operations.

References

http://www.securityfocus.com/archive/1/477026/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/26506

third-party-advisoryx_refsource_SECUNIA

http://securityreason.com/securityalert/3039

third-party-advisoryx_refsource_SREASON

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 21, 2007
Vulnerability Reserved
Aug 20, 2007

JSON