Lucene search

[email protected]NVD:CVE-2010-2627

HistoryJul 02, 2010 - 8:30 p.m.

CVE-2010-2627

2010-07-0220:30:01

CWE-22

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.03 Low

EPSS

Percentile

91.0%

JSON

Multiple directory traversal vulnerabilities in the Refractor 2 engine, as used in Battlefield 2 1.50 (1.5.3153-802.0) and earlier, and Battlefield 2142 (1.10.48.0) and earlier, allow remote servers to overwrite arbitrary files on the client via "…" (dot dot backslash) sequences in URLs for the (1) sponsor or (2) community logos, and other URLs related to (3) DemoDownloadURL, (4) DemoIndexURL and (5) CustomMapsURL.

Affected configurations

NVD

Node

eabattlefield_2Range≤2.1.50

eabattlefield_2142Range≤1.10.48.0

References

aluigi.altervista.org/adv/bf2urlz-adv.txt

osvdb.org/65863

secunia.com/advisories/40334

www.securityfocus.com/bid/41262

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.03 Low

EPSS

Percentile

91.0%

JSON

Related for NVD:CVE-2010-2627

prion1 cvelist1 cve1