Published: 31/12/2004 Updated: 11/07/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Directory traversal vulnerability in manifest.ini in Unreal engine allows remote malicious users to overwrite arbitrary files via .. (dot dot) sequences in a UMOD (Unreal MOD) file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
epic games unreal engine 436
epic games unreal tournament 2003 2199 macos
epic games unreal tournament 2003 2225 macos
epic games unreal tournament 451b
epic games unreal tournament 2003 2199 win32
epic games unreal engine 433
epic games unreal tournament 2003 2225 win32

source: wwwsecurityfocuscom/bid/10196/info Reportedly the Unreal Tournament Engine is affected by a local file overwrite vulnerability due to the UMOD manifestini file This issue is due to an input validation error that allows a malicious user specify arbitrary files for writing, potentially leading to a system wide denial of service co ...

NVD-CWE-Other http://aluigi.altervista.org/adv/umod-adv.txt http://www.securityfocus.com/bid/10196 http://marc.info/?l=bugtraq&m=108267310519459&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/15942 https://nvd.nist.gov https://www.exploit-db.com/exploits/24041/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-1958

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect