Unreal Tournament 3 Denial Of Service And Memory Corruption Vulnerabilities

Bugtraq ID:	30430
Class:	Unknown
CVE:	CVE-2008-3410 CVE-2008-3409
Remote:	Yes
Local:	No
Published:	Jul 30 2008 12:00AM
Updated:	Jul 05 2016 10:01PM
Credit:	Luigi Auriemma
Vulnerable:	Epic Games Unreal Tournament 3 1.3beta4 Epic Games Unreal Tournament 3 1.2
Not Vulnerable:

Unreal Tournament 3 Denial Of Service And Memory Corruption Vulnerabilities

Unreal Tournament 3 is prone to multiple remote vulnerabilities, including a denial-of-service issue and a memory-corruption issue.

An attacker can exploit these issues to execute arbitrary code within the context of the affected application or cause the application to crash.

These issues affect the following versions:

Unreal Tournament 3 1.3beta4
Unreal Tournament 3 1.2 and prior

Unreal Tournament 3 Denial Of Service And Memory Corruption Vulnerabilities

The following proof of concept is available:

• /data/vulnerabilities/exploits/30430.zip

Unreal Tournament 3 Denial Of Service And Memory Corruption Vulnerabilities

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Unreal Tournament 3 Denial Of Service And Memory Corruption Vulnerabilities

References:

• Unreal Tournament 3 Homepage (Epic Games)
  
• Unreal Tournament III memory corruption and NULL pointer (Luigi Auriemma)
  
• Memory corruption and NULL pointer in Unreal Tournament III 1.2 (Luigi Auriemma )