CVE-2007-4442 Information

Description

Stack-based buffer overflow in the logging function in the Unreal engine possibly 2003 and 2004 as used in the internal web server allows remote attackers to cause a denial of service (application crash) via a request for a long .gif filename in the images/ directory related to conversion from Unicode to ASCII.

Reference

http://aluigi.org/adv/unrwebdos-adv.txt http://aluigi.org/poc/unrwebdos.zip http://secunia.com/advisories/26506 http://securityreason.com/securityalert/3039 http://www.securityfocus.com/archive/1/477026/100/0/threaded http://www.securityfocus.com/bid/25374 https://exchange.xforce.ibmcloud.com/vulnerabilities/36102