CVE-2004-1958

Published: Dec 31, 2004Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Directory traversal vulnerability in manifest.ini in Unreal engine allows remote attackers to overwrite arbitrary files via .. (dot dot) sequences in a UMOD (Unreal MOD) file.

Affected (7)

Products: Epic Games: Unreal Engine, Unreal Tournament, Unreal Tournament 2003

Epic Games

3 products

Unreal Engine

Unreal Tournament

Unreal Tournament 2003

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Epic Games Unreal Engine	Version 433
Epic Games Unreal Engine	Version 436
Epic Games Unreal Tournament	Version 451b
Epic Games Unreal Tournament 2003	Version 2199_macos
Epic Games Unreal Tournament 2003	Version 2199_win32
Epic Games Unreal Tournament 2003	Version 2225_macos
Epic Games Unreal Tournament 2003	Version 2225_win32