CVE-2008-6441 Information
Description
Format string vulnerability in the Epic Games Unreal engine client as used in multiple games allows remote servers to execute arbitrary code via (1) the CLASS parameter in a DLMGR command (2) a malformed package (PKG) and possibly (3) the LEVEL parameter in a WELCOME command.
Reference
http://aluigi.altervista.org/adv/unrealcfs-adv.txt http://archives.neohapsis.com/archives/fulldisclosure/2008-09/0190.html http://secunia.com/advisories/31854 http://www.osvdb.org/48290 http://www.osvdb.org/48291 http://www.securityfocus.com/archive/1/496297/100/0/threaded http://www.securityfocus.com/bid/31141 https://exchange.xforce.ibmcloud.com/vulnerabilities/45088 https://exchange.xforce.ibmcloud.com/vulnerabilities/45089 https://exchange.xforce.ibmcloud.com/vulnerabilities/45090
Share on: