Vulnerabilities > CVE-2004-2099 - Remote Buffer Overflow vulnerability in EA Black Box Need For Speed Hot Pursuit 2 Game Client

CVSS 5.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

high complexity

electronic-arts

exploit available

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

Buffer overflow in Need for Speed Hot Pursuit 2.0 client (NFSHP2), version 242 and earlier, allows remote attackers (servers) to execute arbitrary code via long (1) gamename, (2) gamever, (3) hostname, (4) gametype, (5) mapname or (6) gamemode commands.

Vulnerable Configurations

Part	Description	Count
Application	Electronic_Arts Electronic Arts Need FOR Speed HOT Pursuit 2 *	1

Exploit-Db

description	Need for Speed 2 Remote Client Buffer Overflow Exploit. CVE-2004-2099. Dos exploit for windows platform
id	EDB-ID:147
last seen	2016-01-31
modified	2004-01-23
published	2004-01-23
reporter	Luigi Auriemma
source	https://www.exploit-db.com/download/147/
title	Need for Speed 2 - Remote Client Buffer Overflow Exploit

Summary

Vulnerable Configurations

Exploit-Db

References