CVE-2004-0608

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2004-0608
The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation 390 and earlier, Mobile Forces 20000 and earlier, Nerf Arena Blast 1.2 and earlier, Postal 2 1337 and earlier, Rune 107 and earlier, Tactical Ops 3.4.0 and earlier, Unreal 1 226f and earlier, Unreal II XMP 7710 and earlier, Unreal Tournament 451b and earlier, Unreal Tournament 2003 2225 and earlier, Unreal Tournament 2004 before 3236, Wheel of Time 333b and earlier, and X-com Enforcer, allows remote attackers to execute arbitrary code via a UDP packet containing a secure query with a long value, which overwrites memory.

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://aluigi.altervista.org/adv/unsecure-adv.txt Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200407-14.xml Patch Vendor Advisory
http://www.securityfocus.com/bid/10570 Exploit Vendor Advisory
http://marc.info/?l=bugtraq&m=108787105023304&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/16451
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:epic_games:unreal_tournament_2003:2199_linux:*:*:*:*:*:*:*
cpe:2.3:a:epic_games:unreal_tournament_2003:2199_macos:*:*:*:*:*:*:*
cpe:2.3:a:infogrames:x-com_enforcer:*:*:*:*:*:*:*:*
cpe:2.3:a:ion_storm:deusex:1.112_fm:*:*:*:*:*:*:*
cpe:2.3:a:epic_games:unreal_engine:226f:*:*:*:*:*:*:*
cpe:2.3:a:epic_games:unreal_engine:433:*:*:*:*:*:*:*
cpe:2.3:a:epic_games:unreal_tournament_2003:2225_win32:*:*:*:*:*:*:*
cpe:2.3:a:epic_games:unreal_tournament_2004:macos:*:*:*:*:*:*:*
cpe:2.3:a:robert_jordan:wheel_of_time:333.0b:*:*:*:*:*:*:*
cpe:2.3:a:running_with_scissors:postal_2:1337:*:*:*:*:*:*:*
cpe:2.3:a:arush:devastation:390.0:*:*:*:*:*:*:*
cpe:2.3:a:epic_games:unreal_engine:436:*:*:*:*:*:*:*
cpe:2.3:a:rage_software:mobile_forces:20000.0:*:*:*:*:*:*:*
cpe:2.3:a:epic_games:unreal_tournament_2003:2225_macos:*:*:*:*:*:*:*
cpe:2.3:a:infogrames:tacticalops:3.4:*:*:*:*:*:*:*
cpe:2.3:a:epic_games:unreal_tournament:451b:*:*:*:*:*:*:*
cpe:2.3:a:epic_games:unreal_tournament_2004:win32:*:*:*:*:*:*:*
cpe:2.3:a:epic_games:unreal_tournament_2003:2199_win32:*:*:*:*:*:*:*
cpe:2.3:a:nerf_arena_blast:nerf_arena_blast:1.2:*:*:*:*:*:*:*
cpe:2.3:a:dreamforge:tnn_outdoors_pro_hunter:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*
Information

Published : 2004-12-05 21:00

Updated : 2017-07-10 18:30

NVD link : CVE-2004-0608

Mitre link : CVE-2004-0608

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

running_with_scissors

  • postal_2

infogrames

  • x-com_enforcer
  • tacticalops

arush

  • devastation

rage_software

  • mobile_forces

epic_games

  • unreal_tournament
  • unreal_engine
  • unreal_tournament_2003
  • unreal_tournament_2004

nerf_arena_blast

  • nerf_arena_blast

gentoo

  • linux

ion_storm

  • deusex

robert_jordan

  • wheel_of_time

dreamforge

  • tnn_outdoors_pro_hunter