Origin Security Vulnerabilities and Issues — Origin CVE List

Lucene search

EaOrigin

4 matches found

CVE•added 2019/06/14 8:29 p.m.•648 views

CVE-2019-12828

An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin remotely via the...

8.8CVSS8.2AI score0.17122EPSS

CVE•added 2019/04/19 10:29 p.m.•111 views

CVE-2019-11354

The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication QDesktopServices...

7.8CVSS8.2AI score0.47341EPSS

CVE•added 2019/12/12 2:15 p.m.•44 views

CVE-2019-19248

Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 2 of 2).

7.8CVSS7.7AI score0.00044EPSS

CVE•added 2019/12/12 2:15 p.m.•33 views

CVE-2019-19247

Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 1 of 2).

7.8CVSS7.7AI score0.00127EPSS