Lucene search

[email protected]CVE-2004-2099

HistoryMay 27, 2005 - 4:00 a.m.

CVE-2004-2099

2005-05-2704:00:00

[email protected]

web.nvd.nist.gov

buffer overflow

nfshp2

remote code execution

vulnerability

nvd

cve-2004-2099

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.046 Low

EPSS

Percentile

92.6%

JSON

Buffer overflow in Need for Speed Hot Pursuit 2.0 client (NFSHP2), version 242 and earlier, allows remote attackers (servers) to execute arbitrary code via long (1) gamename, (2) gamever, (3) hostname, (4) gametype, (5) mapname or (6) gamemode commands.

Affected configurations

NVD

Node

electronic_artsneed_for_speed_hot_pursuit_2Range≤242.0

CPENameOperatorVersion
electronic_arts:need_for_speed_hot_pursuit_2electronic arts need for speed hot pursuit 2le242.0

CPE	Name	Operator	Version
electronic_arts:need_for_speed_hot_pursuit_2	electronic arts need for speed hot pursuit 2	le	242.0

References

aluigi.altervista.org/adv/nfshp2cbof-adv.txt

marc.info/?l=bugtraq&m=107479094508691&w=2

www.securityfocus.com/bid/9473

exchange.xforce.ibmcloud.com/vulnerabilities/14909

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.046 Low

EPSS

Percentile

92.6%

JSON

Related for CVE-2004-2099

nvd1 cvelist1