PT-2004-2704 · Epic Games · Unreal Engine

Published 2004-12-31 · Updated 2017-07-11 · CVE-2004-1805

CVSS v2.0: 5.0 Medium

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Unreal Engine version 436

Description

Games built on the Epic Games Unreal Engine contain a format string vulnerability. Remote attackers can exploit it to cause a denial of service (crash) and potentially execute arbitrary code. Exploitation is achieved by placing format string specifiers in class names.

Recommendations

For Unreal Engine version 436, consider applying patches or updates that address format string vulnerabilities, focusing on the proper handling of class names to prevent arbitrary code execution and denial of service attacks. As a temporary workaround, restrict the use of format string specifiers in class names until a patch is available.
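
The two recommendations above, sketched in C as an added example (not Unreal Engine code and not from the vendor): an allow-list check that rejects class names containing `%`, and a logging helper that passes the name only as an argument to a constant format string. The function names, the 64-byte limit and the permitted character set are assumptions made for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_CLASS_NAME 64   /* assumed limit for this example */

/* Return 1 if an untrusted class name is non-empty, at most MAX_CLASS_NAME
 * bytes, and made only of [A-Za-z0-9_.]; '%' and control bytes fail. */
int class_name_is_safe(const char *name)
{
    size_t i;
    if (name == NULL)
        return 0;
    for (i = 0; name[i] != '\0'; i++) {
        unsigned char c = (unsigned char)name[i];
        if (i >= MAX_CLASS_NAME || (!isalnum(c) && c != '_' && c != '.'))
            return 0;
    }
    return i > 0;
}

/* Build a log line. The format string is a constant and the untrusted name
 * is only a %s argument, so specifiers inside it are copied as plain text.
 * Returns the number of bytes written, or -1 on error or truncation. */
int format_class_log(char *out, size_t out_len, const char *name)
{
    int n;
    if (out == NULL || out_len == 0 || name == NULL)
        return -1;
    /* Vulnerable pattern this replaces: snprintf(out, out_len, name); */
    n = snprintf(out, out_len, "class request: %.*s", MAX_CLASS_NAME, name);
    if (n < 0 || (size_t)n >= out_len)
        return -1;
    return n;
}

int main(void)
{
    /* Constructed sample inputs, not taken from any real traffic. */
    const char *samples[] = { "Game.Player", "Bot%x", "%s%s%s" };
    char line[128];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        if (format_class_log(line, sizeof line, samples[i]) >= 0)
            printf("%-7s %s\n",
                   class_name_is_safe(samples[i]) ? "accept" : "reject", line);
    }
    return 0;
}
```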


Related Identifiers

CVE-2004-1805

Affected Products

Unreal Engine