CVE-2010-2627
Last modified
CVE-2010-2627 is a vulnerability of currently unknown severity. Multiple directory traversal vulnerabilities in the Refractor 2 engine, as used in Battlefield 2 1.50 (1.5.3153-802.0) and earlier, and Battlefield 2142 (1.10.48.0) and earlier, allow remote servers to overwrite arbitrary files on the client via "..\" (dot dot backslash) sequences in URLs for the (1) sponsor or (2) community logos, and other URLs related to (3) DemoDownloadURL, (4) DemoIndexURL and (5) CustomMapsURL.. EPSS estimates a 3.66% chance of exploitation in the next 30 days.
Description
Multiple directory traversal vulnerabilities in the Refractor 2 engine, as used in Battlefield 2 1.50 (1.5.3153-802.0) and earlier, and Battlefield 2142 (1.10.48.0) and earlier, allow remote servers to overwrite arbitrary files on the client via "..\" (dot dot backslash) sequences in URLs for the (1) sponsor or (2) community logos, and other URLs related to (3) DemoDownloadURL, (4) DemoIndexURL and (5) CustomMapsURL.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ea | Battlefield 2 | <= 2.1.50 |
| Ea | Battlefield 2142 | <= 1.10.48.0 |
References
- http://osvdb.org/65863Exploit
- http://secunia.com/advisories/40334Vendor Advisory
- http://osvdb.org/65863Exploit
- http://secunia.com/advisories/40334Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2010-2627?
How severe is CVE-2010-2627?
How do I fix CVE-2010-2627?
Are you affected by CVE-2010-2627?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST