Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2003-1432

CVE information

Published

18 years ago

Last Modified

5 years ago

CVSSv2.0 Severity

High

Impact Analysis

Description

Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via (1) a packet with a negative size value, which is treated as a large positive number during memory allocation, or (2) a negative size value in a package file..

CVSSv2.0 Score

Severity
High
Base Score
10/10
Exploit Score
10/10
Access Vector
Network
Access Complexity
Low
Authentication Required
None
Impact Score
10/10
Confidentiality Impact
Complete
Availability Impact
Complete
Integrity Impact
Complete

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:a:epic_games:unreal_engine:436:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:epic_games:unreal_tournament_2003:2199_linux:*:*:*
  Yes
- -
cpe:2.3:a:epic_games:unreal_tournament_2003:2199_win32:*:*:*
  Yes
- -
cpe:2.3:a:epic_games:unreal_engine:226f:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:epic_games:unreal_tournament_2003:demo_version_220
  Yes
- -
cpe:2.3:a:epic_games:unreal_engine:433:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:epic_games:unreal_tournament_2003:demo_version_220
  Yes
- -