CVE-2004-0608

Name of the Vulnerable Software and Affected Versions Unreal Engine versions 1.112fm and earlier Devastation versions 390 and earlier Mobile Forces versions 20000 and earlier Nerf Arena Blast versions 1.2 and earlier Postal 2 versions 1337 and earlier Rune versions 107 and earlier Tactical Ops versions 3.4.0 and earlier Unreal versions 1 226f and earlier Unreal II XMP versions 7710 and earlier Unreal Tournament versions 451b and earlier Unreal Tournament 2003 versions 2225 and earlier Unreal Tournament 2004 versions prior to 3236 Wheel of Time versions 333b and earlier X-com Enforcer (affected versions not specified)

Description The issue allows remote attackers to execute arbitrary code via a UDP packet containing a secure query with a long value, which overwrites memory.

Recommendations For Unreal Engine version 1.112fm and earlier, update to a version later than 1.112fm. For Devastation version 390 and earlier, update to a version later than 390. For Mobile Forces version 20000 and earlier, update to a version later than 20000. For Nerf Arena Blast version 1.2 and earlier, update to a version later than 1.2. For Postal 2 version 1337 and earlier, update to a version later than 1337. For Rune version 107 and earlier, update to a version later than 107. For Tactical Ops version 3.4.0 and earlier, update to a version later than 3.4.0. For Unreal version 1 226f and earlier, update to a version later than 1 226f. For Unreal II XMP version 7710 and earlier, update to a version later than 7710. For Unreal Tournament version 451b and earlier, update to a version later than 451b. For Unreal Tournament 2003 version 2225 and earlier, update to a version later than 2225. For Unreal Tournament 2004 version prior to 3236, update to version 3236 or later. For Wheel of Time version 333b and earlier, update to a version later than 333b. For X-com Enforcer, at the moment, there is no information about a newer version that contains a fix for this issue.