CVE-2004-1805

Published: Dec 31, 2004Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Format string vulnerability in games using the Epic Games Unreal Engine 436 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in class names.

Affected (3)

Products: Epic Games: Unreal Engine

Epic Games

1 product

Unreal Engine

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Epic Games Unreal Engine	Version 226f
Epic Games Unreal Engine	Version 433
Epic Games Unreal Engine	Version 436

References (12)

http://aluigi.altervista.org/adv/unrfs-adv.txt

Source: cve@mitre.org

Exploit

http://marc.info/?l=bugtraq&m=107893764406905&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=107902755204583&w=2

Source: cve@mitre.org

http://secunia.com/advisories/11108

Source: cve@mitre.org

http://www.securityfocus.com/bid/9840

Source: cve@mitre.org

ExploitPatch

https://exchange.xforce.ibmcloud.com/vulnerabilities/15430

Source: cve@mitre.org

http://aluigi.altervista.org/adv/unrfs-adv.txt