Vulnerabilities > UBI

DATE CVE VULNERABILITY TITLE RISK
2014-08-25 CVE-2014-5453 Permissions, Privileges, and Access Controls vulnerability in UBI Uplay PC
Ubisoft Uplay PC before 4.6.1.3217 use weak permissions (Everyone: Full Control) for the program installation directory (%PROGRAMFILES%\Ubisoft Game Launcher), which allows local users to gain privileges via a Trojan horse file.
local
low complexity
ubi CWE-264
7.2
2014-06-19 CVE-2014-4334 Buffer Errors vulnerability in UBI Rayman Legends 1.0.95278/1.1.100477/1.2.103716
Stack-based buffer overflow in Ubisoft Rayman Legends before 1.3.140380 allows remote attackers to execute arbitrary code via a long string in the "second connection" to TCP port 1001.
network
low complexity
ubi CWE-119
7.5
2012-08-07 CVE-2012-4177 OS Command Injection vulnerability in UBI Uplay PC
The web browser plugin for Ubisoft Uplay PC before 2.0.4 allows remote attackers to execute arbitrary programs via the -orbit_exe_path command line argument.
network
low complexity
ubi CWE-78
critical
10.0