Vulnerabilities > Activision
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-30 | CVE-2019-20893 | Classic Buffer Overflow vulnerability in Activision Call of Duty Modern Warfare 2 20180426/20191211 An issue was discovered in Activision Infinity Ward Call of Duty Modern Warfare 2 through 2019-12-11. | 10.0 |
| 2019-04-19 | CVE-2018-20817 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Activision products SV_SteamAuthClient in various Activision Infinity Ward Call of Duty games before 2015-08-11 is missing a size check when reading authBlob data into a buffer, which allows one to execute code on the remote target machine when sending a steam authentication request. | 7.5 |
| 2018-05-03 | CVE-2018-10718 | Out-of-bounds Write vulnerability in Activision Call of Duty Modern Warfare 2 Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 before 2018-04-26 allows remote attackers to execute arbitrary code via crafted packets. | 10.0 |
| 2013-01-22 | CVE-2012-4918 | Improper Input Validation vulnerability in Activision Call of Duty Elite 2.0.1 Call of Duty Elite for iOS 2.0.1 does not properly validate the server SSL certificate, which allows remote attackers to obtain sensitive information via a Man-in-the-Middle (MITM) attack. | 5.8 |
| 2008-05-07 | CVE-2008-2106 | Improper Input Validation vulnerability in Activision Call of Duty 4 Call of Duty 4 (CoD4) 1.5 and earlier allows remote authenticated users to cause a denial of service (crash) via a type 7 stats packet, which triggers a memcpy with a negative value. | 6.8 |
| 2006-09-28 | CVE-2006-5058 | Remote Buffer Overflow vulnerability in Activision products Buffer overflow in (1) Call of Duty 1.5b and earlier, (2) Call of Duty United Offensive 1.51b and earlier, and (3) Call of Duty 2 1.3 and earlier allows remote attackers to execute arbitrary code via a long map argument to the "callvote map" command. | 7.5 |
| 2005-05-02 | CVE-2005-0983 | Denial of Service vulnerability in Quake 3 Engine Message Quake 3 engine, as used in multiple games, allows remote attackers to cause a denial of service (client disconnect) via a long message, which is not properly truncated and causes the engine to process the remaining data as if it were network data. | 5.0 |
| 2004-09-05 | CVE-2004-1664 | Remote Denial of Service vulnerability in Call of Duty Call of Duty 1.4 and earlier allows remote attackers to cause a denial of service (game end) via a large (1) query or (2) reply packet, which is not properly handled by the buffer overflow protection mechanism. | 5.0 |