Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2008-7015

CWE-119 — Buffer Overflow4 documents4 sources

Severity

5.0MEDIUM

EPSS

4.1%

top 11.39%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Frontlines Fuel OF WAR Epic Games Unreal Tournament

Timeline

PublishedAug 19

Latest updateMay 14

Description

Unreal engine 3, as used in Unreal Tournament 3 1.3, Frontlines: Fuel of War 1.1.1, and other products, allows remote attackers to cause a denial of service (server exit) via a packet with a large length value that triggers a memory allocation failure.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDepic_games/unreal_tournament3

▶NVDfrontlines/fuel_of_war1.1.1

🔴Vulnerability Details

GHSA

GHSA-4w88-q6w3-v8qg: Unreal engine 3, as used in Unreal Tournament 3 1↗2022-05-14

▶

CVEList

CVE-2008-7015: Unreal engine 3, as used in Unreal Tournament 3 1↗2009-08-19

▶

💥Exploits & PoCs

Exploit-DB

Unreal Engine 3 - Failed Memory Allocation Remote Denial of Service↗2008-09-12

▶