Denial of Service Vulnerability in Unreal Tournament 3 by Epic Games
CVE-2008-3410

Currently unrated

Key Information:

Vendor: Epic Games
Status: Unreal Tournament 3
Vendor: CVE Published:; 31 July 2008

What is CVE-2008-3410?

A vulnerability in Unreal Tournament 3 allows remote attackers to exploit a NULL pointer dereference via a malicious UDP packet. If the size field specified in the packet exceeds the total packet length, the game daemon crashes, resulting in a denial of service. This issue affects versions 1.3beta4 and earlier, posing risks to server stability during gameplay.

References

http://aluigi.altervista.org/adv/ut3mendo-adv.txt

x_refsource_MISC

http://aluigi.org/poc/ut3mendo.zip

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/44104

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 31, 2008
Vulnerability Reserved
Jul 31, 2008

JSON