CVE-2003-1433

Unreal Engine 226f-436 - Improper Authentication via Challenge Key Validation Bypass

Title source: llm
STIX 2.1

Description

Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining the game multiple times.

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/6771
Various Sources x_refsource_misc
http://www.pivx.com/luigi/adv/ueng-adv.txt
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/11304
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html

Scores

EPSS 0.0118
EPSS Percentile 63.8%

Details

CWE
CWE-287
Status published
Products (3)
epic_games/unreal_engine 226f
epic_games/unreal_engine 433
epic_games/unreal_engine 436
Published Dec 31, 2003
Tracked Since Feb 18, 2026