Ubisoft Entertainment Ubisoft Uplay Elevation of Privilege Vulnerability

Ubisoft Entertainment Ubisoft Uplay is a desktop client application for the gaming platform of the French company Ubisoft Entertainment. The platform provides a game sales service and supports features such as player interaction. A security vulnerability exists in Ubisoft Entertainment Ubisoft...

CVE-2019-14737

Ubisoft Uplay 92.0.0.6280 has Insecure Permissions...

CVE-2019-14737

Ubisoft Uplay 92.0.0.6280 has Insecure Permissions...

Design/Logic Flaw

Ubisoft Uplay 92.0.0.6280 has Insecure Permissions...

CVE-2019-14737

CVE-2019-14737 affects Ubisoft Uplay 92.0.0.6280, with insecure permissions in the Uplay installation folder that can lead to local privilege elevation. The NVD entry notes a local attacker with low complexity and no authentication could achieve high impact (C/H/I/A = High). Root cause: insecure ...

CVE-2019-14737

Ubisoft Uplay 92.0.0.6280 has Insecure Permissions...

Uplay 92.0.0.6280 - Local Privilege Escalation

Uplay 92.0.0.6280 - Local Privilege Escalation Exploit Title: Uplay 92.0.0.6280 - Local Privilege Escalation Date: 2019-08-07 Exploit Author: Kusol Watchara-Apanukorn, Pongtorn Angsuchotmetee, Manich Koomsusi Vendor Homepage: https://uplay.ubisoft.com/ Version: 92.0.0.6280 Tested on: Windows 10 x...

redirection.ubisoft.com Open Redirect vulnerability

Open Bug Bounty ID: OBB-989946 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

DDoS Attacks in Q3 2018

News Overview The third quarter 2018 turned out relatively quiet in terms of DDoS attacks. "Relatively" because there were not very many high-level multi-day DDoS onslaughts on major resources. However, the capacities employed by cybercriminals keep growing year after year, while the total number...

CVE-2018-15832

upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of URI...

Design/Logic Flaw

upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of URI...

CVE-2018-15832

upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of URI...

CVE-2018-15832

CVE-2018-15832 affects Ubisoft Uplay Desktop Client (upc.exe) version 63.0.5699.0, where the vulnerability arises from improper validation of a user-supplied string used in a system call during URI handling. This allows remote code execution under the current process context. Exploitation require...

CVE-2018-15832

upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of URI...

Ubisoft Uplay Desktop Client 63.0.5699.0 Remote Code Execution

Exploit Title: Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution Date: 2018-09-01 Exploit Author: Che-Chun Kuo Vulnerability Type: URI Parsing Command Injection Vendor Homepage: https://www.ubisoft.com/en-us/ Software Link: https://uplay.ubi.com/ Version: 63.0.5699.0 Tested on:...

Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution

Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution Exploit Title: Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution Date: 2018-09-01 Exploit Author: Che-Chun Kuo Vulnerability Type: URI Parsing Command Injection Vendor Homepage: https://www.ubisoft.com/en-us/ Software...

Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution Exploit

Exploit Title: Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution Exploit Author: Che-Chun Kuo Vulnerability Type: URI Parsing Command Injection Vendor Homepage: https://www.ubisoft.com/en-us/ Software Link: https://uplay.ubi.com/ Version: 63.0.5699.0 Tested on: Windows, Microsoft...

Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution

Exploit Title: Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution Date: 2018-09-01 Exploit Author: Che-Chun Kuo Vulnerability Type: URI Parsing Command Injection Vendor Homepage: https://www.ubisoft.com/en-us/ Software Link: https://uplay.ubi.com/ Version: 63.0.5699.0 Tested on:...

ubisoft.com XSS vulnerability

Open Bug Bounty ID: OBB-664578 Description| Value ---|--- Affected Website:| ubisoft.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Ubisoft Games Hit by Massive DDoS Attacks

By Waqas France based video game publisher Ubisoft suffered a series of massive DDoS attacks distributed denial-of-service. As a result, several Ubisoft gaming servers including Ghost Recon Wildlands, For Honor and Far Cry 5 were facing connectivity issues. The DDoS attacks began on Tuesday, July...