CVE-2007-4443
published 2007-08-21CVE-2007-4443: The UCC dedicated server for the Unreal engine, possibly 2003 and 2004, on Windows allows remote attackers to cause a denial of service (continuous beep and…
PriorityP418medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
1.75%
75.0th percentile
The UCC dedicated server for the Unreal engine, possibly 2003 and 2004, on Windows allows remote attackers to cause a denial of service (continuous beep and server slowdown) via a string containing many 0x07 characters in (1) a request to the images/ directory, (2) the Content-Type field, (3) a HEAD request, and possibly other unspecified vectors.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| americasarmy | america_s_army | <= 2.8.2 | — |
| americasarmy | america_s_army_special_forces | <= 2.8.2 | — |
| epic_games | unreal_engine | — | — |
| epic_games | unreal_engine | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-66cg-284q-vjh6: The UCC dedicated server for the Unreal engine, possibly 2003 and 2004, on Windows allows remote attackers to cause a denial of service (continuous be
ghsa_unreviewed·2022-05-01
CVE-2007-4443 [MEDIUM] GHSA-66cg-284q-vjh6: The UCC dedicated server for the Unreal engine, possibly 2003 and 2004, on Windows allows remote attackers to cause a denial of service (continuous be
The UCC dedicated server for the Unreal engine, possibly 2003 and 2004, on Windows allows remote attackers to cause a denial of service (continuous beep and server slowdown) via a string containing many 0x07 characters in (1) a request to the images/ directory, (2) the Content-Type field, (3) a HEAD request, and possibly other unspecified vectors.
GHSA
GHSA-q8hh-59h8-qrwc: The Windows dedicated server for the Unreal engine, as used by America's Army and America's Army Special Forces 2
ghsa_unreviewed·2022-05-01·CVSS 5.0
CVE-2007-5250 [MEDIUM] GHSA-q8hh-59h8-qrwc: The Windows dedicated server for the Unreal engine, as used by America's Army and America's Army Special Forces 2
The Windows dedicated server for the Unreal engine, as used by America's Army and America's Army Special Forces 2.8.2 and earlier, when Punkbuster (PB) is enabled, allows remote attackers to cause a denial of service (server hang) via packets containing 0x07 characters or other unspecified invalid characters. NOTE: this issue may overlap CVE-2007-4443. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://aluigi.org/adv/unrwebdos-adv.txthttp://aluigi.org/poc/unrwebdos.ziphttp://secunia.com/advisories/26506http://securityreason.com/securityalert/3039http://www.securityfocus.com/archive/1/477026/100/0/threadedhttp://www.securityfocus.com/archive/1/478053/100/200/threadedhttp://www.securityfocus.com/archive/1/478064/100/200/threadedhttps://exchange.xforce.ibmcloud.com/vulnerabilities/36103http://aluigi.org/adv/unrwebdos-adv.txthttp://aluigi.org/poc/unrwebdos.ziphttp://secunia.com/advisories/26506http://securityreason.com/securityalert/3039http://www.securityfocus.com/archive/1/477026/100/0/threadedhttp://www.securityfocus.com/archive/1/478053/100/200/threadedhttp://www.securityfocus.com/archive/1/478064/100/200/threadedhttps://exchange.xforce.ibmcloud.com/vulnerabilities/36103
2007-08-21
Published