CVE-2007-4443

critical

Description

The UCC dedicated server for the Unreal engine, possibly 2003 and 2004, on Windows allows remote attackers to cause a denial of service (continuous beep and server slowdown) via a string containing many 0x07 characters in (1) a request to the images/ directory, (2) the Content-Type field, (3) a HEAD request, and possibly other unspecified vectors.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/36103

http://www.securityfocus.com/archive/1/478064/100/200/threaded

http://www.securityfocus.com/archive/1/478053/100/200/threaded

http://www.securityfocus.com/archive/1/477026/100/0/threaded

http://securityreason.com/securityalert/3039

http://secunia.com/advisories/26506

http://aluigi.org/poc/unrwebdos.zip

http://aluigi.org/adv/unrwebdos-adv.txt

Details

Source: Mitre, NVD

Published: 2007-08-21

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Severity: Critical

EPSS

EPSS: 0.01258