CVE-2003-1432

Name of the Vulnerable Software and Affected Versions Epic Games Unreal Engine versions 226f through 436

Description The issue allows remote attackers to cause a denial of service, potentially leading to CPU consumption or a crash, and may also enable the execution of arbitrary code. This can be achieved through a packet with a negative size value, which is treated as a large positive number during memory allocation, or a negative size value in a package file.

Recommendations For versions 226f through 436, as a temporary workaround, consider restricting the handling of packets with negative size values to minimize the risk of exploitation. Additionally, avoid using package files with negative size values until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.