Alleged security hole in CryENGINE 3 game engine
Computerworld reports that, at the recent Power of Community (POC2012) security conference, security specialists from ReVuln presented security holes in numerous online-enabled games. For example, ReVuln says that it managed to compromise a computer by exploiting a hole in the Nexuiz multi-player first person shooter. However, the company has so far not released any vulnerability details.
Instead, a video has been released to demonstrate that a custom-built exploit is functional. According to ReVuln, the holes are contained in CryENGINE 3, a game engine that is used by Nexuiz and many other games. This means that other games that are based on CryENGINE 3 could also potentially be affected.
CryEngine 3 Remote Code Execution
As part of their presentation
, the security researchers also demonstrated a denial-of-service (DoS) attack on a game server of the popular Call Of Duty: Modern Warfare 3 PC game. The company is hoping to attract commercial contracts with the affected game developers to close the security holes.
See also:
- Report: Steam poses security risk, a report from The H.
(crve)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
