Lucene search

K
cve[email protected]CVE-2010-2627
HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-2627

2022-10-0316:21:08
CWE-22
web.nvd.nist.gov
23
cve
2010
2627
directory traversal
vulnerabilities
refractor 2 engine
battlefield 2
battlefield 2142
remote servers
arbitrary files
urls
demodownloadurl
demoindexurl
custommapsurl
nvd

7.2 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.03 Low

EPSS

Percentile

91.0%

Multiple directory traversal vulnerabilities in the Refractor 2 engine, as used in Battlefield 2 1.50 (1.5.3153-802.0) and earlier, and Battlefield 2142 (1.10.48.0) and earlier, allow remote servers to overwrite arbitrary files on the client via "…" (dot dot backslash) sequences in URLs for the (1) sponsor or (2) community logos, and other URLs related to (3) DemoDownloadURL, (4) DemoIndexURL and (5) CustomMapsURL.

Affected configurations

NVD
Node
eabattlefield_2Range2.1.50
OR
eabattlefield_2142Range1.10.48.0

7.2 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.03 Low

EPSS

Percentile

91.0%

Related for CVE-2010-2627