Unrated severityNVD Advisory· Published Jul 12, 2010· Updated Jun 16, 2026
CVE-2010-2702
CVE-2010-2702
Description
Buffer overflow in the UGameEngine::UpdateConnectingMessage function in the Unreal engine 1, 2, and 2.5, as used in multiple games including Unreal Tournament 2004, Unreal tournament 2003, Postal 2, Raven Shield, and SWAT4, when downloads are enabled, allows remote attackers to execute arbitrary code via a long LEVEL field in a WELCOME response to a download request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- cpe:2.3:a:epicgames:postal_2:*:*:*:*:*:*:*:*
- cpe:2.3:a:epicgames:raven_shield:*:*:*:*:*:*:*:*
- cpe:2.3:a:epicgames:swat_4:*:*:*:*:*:*:*:*
cpe:2.3:a:epicgames:unreal_engine:1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:epicgames:unreal_engine:1:*:*:*:*:*:*:*
- cpe:2.3:a:epicgames:unreal_engine:2:*:*:*:*:*:*:*
- cpe:2.3:a:epicgames:unreal_engine:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:epicgames:unreal_tournament_2003:*:*:*:*:*:*:*:*
- cpe:2.3:a:epicgames:unreal_tournament_2004:*:*:*:*:*:*:*:*
- Range: 1, 2, 2.5
Patches
Vulnerability mechanics
References
5- aluigi.altervista.org/adv/unrealcbof-adv.txtnvdExploit
- aluigi.org/poc/unrealcbof.txtnvdExploit
- secunia.com/advisories/40466nvdVendor Advisory
- osvdb.org/66039nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/60142nvd
News mentions
0No linked articles in our index yet.