Directory Traversal in ImageServer of Epic Games Unreal Tournament 3
CVE-2008-4243

Currently unrated

Key Information:

Vendor: Epic Games
Status: Unreal Tournament 3
Vendor: CVE Published:; 25 September 2008

What is CVE-2008-4243?

A directory traversal vulnerability exists in ImageServer (also known as UTImageServer) within the WebAdmin interface for Epic Games' Unreal Tournament 3 prior to version 1.7. This vulnerability allows remote attackers to read arbitrary files on the server by manipulating the URI with '../' sequences. Successful exploitation can lead to the exposure of sensitive data, which poses significant security risks.

References

http://securityreason.com/securityalert/4317

third-party-advisoryx_refsource_SREASON

https://exchange.xforce.ibmcloud.com/vulnerabilities/45292

vdb-entryx_refsource_XF

http://aluigi.org/adv/ut3webown-adv.txt

x_refsource_MISC

EPSS Score

17% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 25, 2008
Vulnerability Reserved
Sep 25, 2008

JSON