Description
Format string vulnerability in games using the Epic Games Unreal Engine 436 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in class names.
Affected products
- Epic Games / unreal_engine226f – 226f
- Epic Games / unreal_engine433 – 433
- Epic Games / unreal_engine436 – 436
References
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/15430
- MAILING_LISThttp://marc.info/?l=bugtraq&m=107893764406905&w=2
- MISChttp://aluigi.altervista.org/adv/unrfs-adv.txt
- VENDOR_ADVISORYhttp://secunia.com/advisories/11108
- MISChttp://www.securityfocus.com/bid/9840
- MAILING_LISThttp://marc.info/?l=bugtraq&m=107902755204583&w=2