CVE-2010-2702 - Vulnerability Details - OpenCVE

Buffer overflow in the UGameEngine::UpdateConnectingMessage function in the Unreal engine 1, 2, and 2.5, as used in multiple games including Unreal Tournament 2004, Unreal tournament 2003, Postal 2, Raven Shield, and SWAT4, when downloads are enabled, allows remote attackers to execute arbitrary code via a long LEVEL field in a WELCOME response to a download request.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Epicgames	Postal 2 Raven Shield Swat 4 Unreal Engine Unreal Tournament 2003 Unreal Tournament 2004

Configuration 1 [-]

AND

OR	cpe:2.3:a:epicgames:unreal_engine:1:::::::*
	cpe:2.3:a:epicgames:unreal_engine:2:::::::*
	cpe:2.3:a:epicgames:unreal_engine:2.5:::::::*

OR	cpe:2.3:a:epicgames:postal_2::::::::
	cpe:2.3:a:epicgames:raven_shield::::::::
	cpe:2.3:a:epicgames:swat_4::::::::
	cpe:2.3:a:epicgames:unreal_tournament_2003::::::::
	cpe:2.3:a:epicgames:unreal_tournament_2004::::::::

No data.

References

Link	Providers
http://aluigi.altervista.org/adv/unrealcbof-adv.txt
http://aluigi.org/poc/unrealcbof.txt
http://osvdb.org/66039
http://secunia.com/advisories/40466
https://exchange.xforce.ibmcloud.com/vulnerabilities/60142

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-07-12T17:00:00

Updated: 2024-08-07T02:39:37.985Z

Reserved: 2010-07-12T00:00:00

Link: CVE-2010-2702

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2010-07-12T17:30:03.187

Modified: 2025-04-11T00:51:21.963

Link: CVE-2010-2702

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-07-06T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in the UGameEngine::UpdateConnectingMessage function in the Unreal engine 1, 2, and 2.5, as used in multiple games including Unreal Tournament 2004, Unreal tournament 2003, Postal 2, Raven Shield, and SWAT4, when downloads are enabled, allows remote attackers to execute arbitrary code via a long LEVEL field in a WELCOME response to a download request."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "66039", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/66039"}, {"name": "40466", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/40466"}, {"tags": ["x_refsource_MISC"], "url": "http://aluigi.altervista.org/adv/unrealcbof-adv.txt"}, {"tags": ["x_refsource_MISC"], "url": "http://aluigi.org/poc/unrealcbof.txt"}, {"name": "unrealengine-ugameengineupdate-bo(60142)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60142"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-2702", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in the UGameEngine::UpdateConnectingMessage function in the Unreal engine 1, 2, and 2.5, as used in multiple games including Unreal Tournament 2004, Unreal tournament 2003, Postal 2, Raven Shield, and SWAT4, when downloads are enabled, allows remote attackers to execute arbitrary code via a long LEVEL field in a WELCOME response to a download request."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "66039", "refsource": "OSVDB", "url": "http://osvdb.org/66039"}, {"name": "40466", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/40466"}, {"name": "http://aluigi.altervista.org/adv/unrealcbof-adv.txt", "refsource": "MISC", "url": "http://aluigi.altervista.org/adv/unrealcbof-adv.txt"}, {"name": "http://aluigi.org/poc/unrealcbof.txt", "refsource": "MISC", "url": "http://aluigi.org/poc/unrealcbof.txt"}, {"name": "unrealengine-ugameengineupdate-bo(60142)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60142"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T02:39:37.985Z"}, "title": "CVE Program Container", "references": [{"name": "66039", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/66039"}, {"name": "40466", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/40466"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://aluigi.altervista.org/adv/unrealcbof-adv.txt"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://aluigi.org/poc/unrealcbof.txt"}, {"name": "unrealengine-ugameengineupdate-bo(60142)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60142"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-2702", "datePublished": "2010-07-12T17:00:00", "dateReserved": "2010-07-12T00:00:00", "dateUpdated": "2024-08-07T02:39:37.985Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:epicgames:unreal_engine:1:*:*:*:*:*:*:*", "matchCriteriaId": "09B8824F-CCAA-4756-BD0B-000CD162FAAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:epicgames:unreal_engine:2:*:*:*:*:*:*:*", "matchCriteriaId": "0DB76B1A-D2AF-4BC7-B3FB-F9C3D8B7077A", "vulnerable": true}, {"criteria": "cpe:2.3:a:epicgames:unreal_engine:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "8C9F2B6F-7334-43F0-AE5E-70EDC79052A7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:epicgames:postal_2:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8DE3D5B-0A6C-4BD2-8AEF-DE4EFD93D137", "vulnerable": true}, {"criteria": "cpe:2.3:a:epicgames:raven_shield:*:*:*:*:*:*:*:*", "matchCriteriaId": "C4FC0308-0B20-467D-AB64-68F939E7785A", "vulnerable": true}, {"criteria": "cpe:2.3:a:epicgames:swat_4:*:*:*:*:*:*:*:*", "matchCriteriaId": "2478849A-9FAB-45B3-A99B-07CCD1981A28", "vulnerable": true}, {"criteria": "cpe:2.3:a:epicgames:unreal_tournament_2003:*:*:*:*:*:*:*:*", "matchCriteriaId": "62D13823-D9BD-427E-8CC5-8590D0C3037C", "vulnerable": true}, {"criteria": "cpe:2.3:a:epicgames:unreal_tournament_2004:*:*:*:*:*:*:*:*", "matchCriteriaId": "6949154C-5F12-441D-8BAF-A096CE25DCCD", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in the UGameEngine::UpdateConnectingMessage function in the Unreal engine 1, 2, and 2.5, as used in multiple games including Unreal Tournament 2004, Unreal tournament 2003, Postal 2, Raven Shield, and SWAT4, when downloads are enabled, allows remote attackers to execute arbitrary code via a long LEVEL field in a WELCOME response to a download request."}, {"lang": "es", "value": "Un desbordamiento de b\u00fafer en la funci\u00f3n UGameEngine::UpdateConnectingMessage en el motor de Unreal v1, v2 y v2.5, tal como se utiliza en m\u00faltiples juegos, incluyendo Unreal Tournament 2004, Unreal tournament 2003, Postal 2, Raven Shield y SWAT4, cuando las descargas est\u00e1n permitidas, permite ejecutar c\u00f3digo arbitrario a atacantes remotos a trav\u00e9s de un campo LEVEL demasiado largo en una respuesta WELCOME a una solicitud de descarga."}], "id": "CVE-2010-2702", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-07-12T17:30:03.187", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://aluigi.altervista.org/adv/unrealcbof-adv.txt"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://aluigi.org/poc/unrealcbof.txt"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/66039"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/40466"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60142"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://aluigi.altervista.org/adv/unrealcbof-adv.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://aluigi.org/poc/unrealcbof.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/66039"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/40466"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60142"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}