cpe:/a:epicgames:unreal_engine:2 cpe:/a:epicgames:unreal_engine:2.5 cpe:/a:epicgames:unreal_engine:3 CVE-2008-6441 2009-03-09T10:30:00.170-04:00 2017-08-16T21:29:18.160-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2009-03-10T08:27:00.000-04:00 ALLOWS_ADMIN_ACCESS BUGTRAQ 20080911 Clients format strings in the Unreal engine BID 31141 SECUNIA 31854 OSVDB 48290 OSVDB 48291 MISC http://aluigi.altervista.org/adv/unrealcfs-adv.txt XF unrealengine-dlmgr-format-string(45088) XF unrealengine-pkg-format-string(45089) XF unrealengine-welcome-format-string(45090) Format string vulnerability in the Epic Games Unreal engine client, as used in multiple games, allows remote servers to execute arbitrary code via (1) the CLASS parameter in a DLMGR command, (2) a malformed package (PKG), and possibly (3) the LEVEL parameter in a WELCOME command.