VYPR
Vendor

Activision

Products
7
CVEs
8
Across products
14
Status
Private

Products

7

Recent CVEs

8
  • CVE-2018-10718CriMay 3, 2018
    risk 0.71cvss 10.0epss 0.32

    Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 before 2018-04-26 allows remote attackers to execute arbitrary code via crafted packets.

  • CVE-2008-2106May 7, 2008
    risk 0.04cvss epss 0.08

    Call of Duty 4 (CoD4) 1.5 and earlier allows remote authenticated users to cause a denial of service (crash) via a type 7 stats packet, which triggers a memcpy with a negative value.

  • CVE-2006-5058Sep 28, 2006
    risk 0.04cvss epss 0.10

    Buffer overflow in (1) Call of Duty 1.5b and earlier, (2) Call of Duty United Offensive 1.51b and earlier, and (3) Call of Duty 2 1.3 and earlier allows remote attackers to execute arbitrary code via a long map argument to the "callvote map" command.

  • CVE-2004-1664Sep 5, 2004
    risk 0.04cvss epss 0.08

    Call of Duty 1.4 and earlier allows remote attackers to cause a denial of service (game end) via a large (1) query or (2) reply packet, which is not properly handled by the buffer overflow protection mechanism. NOTE: this issue might overlap CVE-2005-0430.

  • CVE-2019-20893Jun 30, 2020
    risk 0.00cvss epss 0.02

    An issue was discovered in Activision Infinity Ward Call of Duty Modern Warfare 2 through 2019-12-11. PartyHost_HandleJoinPartyRequest has a buffer overflow vulnerability and can be exploited by using a crafted joinParty packet. This can be utilized to conduct arbitrary code…

  • CVE-2018-20817Apr 19, 2019
    risk 0.00cvss epss 0.04

    SV_SteamAuthClient in various Activision Infinity Ward Call of Duty games before 2015-08-11 is missing a size check when reading authBlob data into a buffer, which allows one to execute code on the remote target machine when sending a steam authentication request. This affects…

  • CVE-2012-4918Jan 22, 2013
    risk 0.00cvss epss 0.01

    Call of Duty Elite for iOS 2.0.1 does not properly validate the server SSL certificate, which allows remote attackers to obtain sensitive information via a Man-in-the-Middle (MITM) attack.

  • CVE-2005-0983May 2, 2005
    risk 0.00cvss epss 0.03

    Quake 3 engine, as used in multiple games, allows remote attackers to cause a denial of service (client disconnect) via a long message, which is not properly truncated and causes the engine to process the remaining data as if it were network data.