Vulnerabilities > EA > Crysis
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-04-21 | CVE-2008-6737 | Information Exposure vulnerability in EA Crysis 1.1/1.2 Crysis 1.21 and earlier allows remote attackers to obtain sensitive player information such as real IP addresses by sending a keyexchange packet without a previous join packet, which causes Crysis to send a disconnect packet that includes unrelated log information. | 7.8 |
| 2009-04-10 | CVE-2008-6712 | Remote Denial of Service vulnerability in EA Crysis 1.1/1.2 The HTTP/XML-RPC service in Crysis 1.21 (game version 1.1.1.6156) and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request, which triggers a NULL pointer dereference. | 5.0 |