Alleged security hole in CryENGINE 3 game engine
Computerworld reports that, at the recent Power of Community (POC2012) security conference, security specialists from ReVuln presented security holes in numerous online-enabled games. For example, ReVuln says that it managed to compromise a computer by exploiting a hole in the Nexuiz multi-player first person shooter. However, the company has so far not released any vulnerability details.
Instead, a video has been released to demonstrate that a custom-built exploit is functional. According to ReVuln, the holes are contained in CryENGINE 3, a game engine that is used by Nexuiz and many other games. This means that other games that are based on CryENGINE 3 could also potentially be affected.
As part of their presentation, the security researchers also demonstrated a denial-of-service (DoS) attack on a game server of the popular Call Of Duty: Modern Warfare 3 PC game. The company is hoping to attract commercial contracts with the affected game developers to close the security holes.
- Report: Steam poses security risk, a report from The H.