VDB

CVE-2010-2702

CVE-2010-2702 PUBLISHED CVSS 9.300000190734863 CRITICAL

Buffer overflow in the UGameEngine::UpdateConnectingMessage function in the Unreal engine 1, 2, and 2.5, as used in multiple games including Unreal Tournament 2004, Unreal tournament 2003, Postal 2, Raven Shield, and SWAT4, when downloads are enabled, allows remote attackers to execute arbitrary code via a long LEVEL field in a WELCOME response to a download request.

EPSS 5.34% · 90.2th percentile

Risk Scores

CVSS 2.0
9.300000190734863
EPSS Score
5.34%
90.2th percentile

Affected Products

VendorProductVersions
epicgamespostal_2
n/an/a*
epicgamesunreal_tournament_2003
epicgamesraven_shield
epicgamesswat_4
epicgamesunreal_engine1, 2.5, 2
epicgamesunreal_tournament_2004

Timeline

  • Jul 12, 2010 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Feb 9, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 2, 2023 EPSS Score
  • Apr 21, 2023 EPSS Score
  • Jul 17, 2023 EPSS Score
  • Sep 7, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›