Vulnerability Details CVE-2004-1958
Directory traversal vulnerability in manifest.ini in Unreal engine allows remote attackers to overwrite arbitrary files via .. (dot dot) sequences in a UMOD (Unreal MOD) file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.034
EPSS Ranking 86.9%
CVSS Severity
CVSS v2 Score 5.0
References
- http://aluigi.altervista.org/adv/umod-adv.txt
- http://marc.info/?l=bugtraq&m=108267310519459&w=2
- http://www.securityfocus.com/bid/10196
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15942
- http://aluigi.altervista.org/adv/umod-adv.txt
- http://marc.info/?l=bugtraq&m=108267310519459&w=2
- http://www.securityfocus.com/bid/10196
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15942
Products affected by CVE-2004-1958
-
cpe:2.3:a:epic_games:unreal_engine:433
-
cpe:2.3:a:epic_games:unreal_engine:436
-
cpe:2.3:a:epic_games:unreal_tournament:451b
-
cpe:2.3:a:epic_games:unreal_tournament_2003:2199_macos
-
cpe:2.3:a:epic_games:unreal_tournament_2003:2199_win32
-
cpe:2.3:a:epic_games:unreal_tournament_2003:2225_macos
-
cpe:2.3:a:epic_games:unreal_tournament_2003:2225_win32