Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0608

6 documents4 sources
Severity
10.0CRITICAL
EPSS
64.4%
top 1.55%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
12
Arush DevastationEpic Games Unreal EngineEpic Games Unreal Tournament+9 more
Timeline
PublishedDec 6
Latest updateApr 29

Description

The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation 390 and earlier, Mobile Forces 20000 and earlier, Nerf Arena Blast 1.2 and earlier, Postal 2 1337 and earlier, Rune 107 and earlier, Tactical Ops 3.4.0 and earlier, Unreal 1 226f and earlier, Unreal II XMP 7710 and earlier, Unreal Tournament 451b and earlier, Unreal Tournament 2003 2225 and earlier, Unreal Tournament 2004 before 3236, Wheel of Time 333b and earlier, and X-com Enforcer, allows remote attackers to execute arbitr

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages12 packages

NVDepic_games/unreal_engine226f, 433, 436+2

Patches

Patch: www.gentoo.orgPatch: www.gentoo.org

🔴Vulnerability Details

2
GHSA
GHSA-qwq5-rcrx-8xwx: The Unreal Engine, as used in DeusEx 12022-04-29
CVEList
CVE-2004-0608: The Unreal Engine, as used in DeusEx 12004-06-30

💥Exploits & PoCs

3
Exploit-DB
Unreal Tournament 2004 (Windows) - 'secure' Remote Overflow (Metasploit)2010-09-20
Exploit-DB
Unreal Tournament 2004 (Linux) - 'secure' Remote Overflow (Metasploit)2010-09-20
Exploit-DB
Unreal Tournament 2004 - 'Secure' Remote Overflow (Metasploit)2004-07-18