BID:30427

Unreal Tournament 2004 NULL Pointer Remote Denial of Service Vulnerability

Info

Unreal Tournament 2004 NULL Pointer Remote Denial of Service Vulnerability

Bugtraq ID:	30427
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2008-3396
Remote:	Yes
Local:	No
Published:	Jul 30 2008 12:00AM
Updated:	May 07 2015 05:25PM
Credit:	Luigi Auriemma
Vulnerable:	Epic Games Unreal Tournament 2004 3369 Epic Games Unreal Tournament 2004 3334

Not Vulnerable:

Discussion

Unreal Tournament 2004 NULL Pointer Remote Denial of Service Vulnerability

Unreal Tournament 2004 is prone to a remote denial-of-service vulnerability because the application fails to handle NULL-pointer exceptions.

An attacker could exploit this issue to crash the affected application, denying service to legitimate users.

This issue affects Unreal Tournament 2004 v3369 and prior versions.

Exploit / POC

Unreal Tournament 2004 NULL Pointer Remote Denial of Service Vulnerability

The following exploit code is available.

/data/vulnerabilities/exploits/30427.zip

Solution / Fix

Unreal Tournament 2004 NULL Pointer Remote Denial of Service Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

References

Unreal Tournament 2004 NULL Pointer Remote Denial of Service Vulnerability

References:

Unreal Tournament 2004 Homepage (Epic Games)
Unreal Tournament 2004 NULL pointer (Luigi Auriemma)
NULL pointer in Unreal Tournament 2004 v3369 (Luigi Auriemma )