Electronic Arts
Products
9- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
10| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-57276 | Hig | 0.47 | 7.3 | 0.00 | Jan 27, 2025 | In Electronic Arts Dragon Age Origins 1.05, the DAUpdaterSVC service contains an unquoted service path vulnerability. This service is configured with insecure permissions, allowing users to modify the executable file path used by the service. The service runs with NT… | ||
| CVE-2007-4466 | 0.09 | — | 0.77 | Oct 9, 2007 | Multiple stack-based buffer overflows in Electronic Arts (EA) SnoopyCtrl ActiveX control (NPSnpy.dll) allow remote attackers to execute arbitrary code via unspecified methods and parameters. | |||
| CVE-2004-0735 | 0.09 | — | 0.80 | Jul 27, 2004 | Buffer overflow in Medal of Honor (1) Allied Assault 1.11v9 and earlier, (2) Breakthrough 2.40b and earlier, and (3) Spearhead 2.15 and earlier, when playing on a Local Area Network (LAN), allows remote attackers to execute arbitrary code via vectors such as (1) the getinfo… | |||
| CVE-2003-1355 | 0.05 | — | 0.29 | Dec 31, 2003 | Buffer overflow in the remote console (rcon) in Battlefield 1942 1.2 and 1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long user name and password. | |||
| CVE-2004-1220 | 0.04 | — | 0.11 | Jan 10, 2005 | Battlefield 1942 1.6.19 and earlier, and Battlefield Vietnam 1.2 and earlier, allows a remote master server to cause a denial of service (client crash) via a server reply that contains a large numplayers value, which triggers a null dereference. | |||
| CVE-2013-4867 | 0.03 | — | 0.01 | Dec 27, 2019 | Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking | |||
| CVE-2004-2099 | 0.03 | — | 0.05 | Dec 31, 2004 | Buffer overflow in Need for Speed Hot Pursuit 2.0 client (NFSHP2), version 242 and earlier, allows remote attackers (servers) to execute arbitrary code via long (1) gamename, (2) gamever, (3) hostname, (4) gametype, (5) mapname or (6) gamemode commands. | |||
| CVE-2020-15914 | 0.00 | — | 0.00 | Oct 30, 2020 | A cross-site scripting (XSS) vulnerability exists in the Origin Client for Mac and PC 10.5.86 or earlier that could allow a remote attacker to execute arbitrary Javascript in a target user’s Origin client. An attacker could use this vulnerability to access sensitive data… | |||
| CVE-2020-27708 | 0.00 | — | 0.00 | Oct 30, 2020 | A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for… | |||
| CVE-2006-3393 | 0.00 | — | 0.01 | Jul 6, 2006 | Papyrus NASCAR Racing 4 4.1.3.1.6 and earlier, 2002 Season 1.1.0.2 and earlier, and 2003 Season 1.2.0.1 and earlier allows remote attackers to cause a denial of service (CPU consumption) by sending an empty UDP datagram, which is not properly discarded due to use of the FIONREAD… |
- risk 0.47cvss 7.3epss 0.00
In Electronic Arts Dragon Age Origins 1.05, the DAUpdaterSVC service contains an unquoted service path vulnerability. This service is configured with insecure permissions, allowing users to modify the executable file path used by the service. The service runs with NT…
- CVE-2007-4466Oct 9, 2007risk 0.09cvss —epss 0.77
Multiple stack-based buffer overflows in Electronic Arts (EA) SnoopyCtrl ActiveX control (NPSnpy.dll) allow remote attackers to execute arbitrary code via unspecified methods and parameters.
- CVE-2004-0735Jul 27, 2004risk 0.09cvss —epss 0.80
Buffer overflow in Medal of Honor (1) Allied Assault 1.11v9 and earlier, (2) Breakthrough 2.40b and earlier, and (3) Spearhead 2.15 and earlier, when playing on a Local Area Network (LAN), allows remote attackers to execute arbitrary code via vectors such as (1) the getinfo…
- CVE-2003-1355Dec 31, 2003risk 0.05cvss —epss 0.29
Buffer overflow in the remote console (rcon) in Battlefield 1942 1.2 and 1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long user name and password.
- CVE-2004-1220Jan 10, 2005risk 0.04cvss —epss 0.11
Battlefield 1942 1.6.19 and earlier, and Battlefield Vietnam 1.2 and earlier, allows a remote master server to cause a denial of service (client crash) via a server reply that contains a large numplayers value, which triggers a null dereference.
- CVE-2013-4867Dec 27, 2019risk 0.03cvss —epss 0.01
Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking
- CVE-2004-2099Dec 31, 2004risk 0.03cvss —epss 0.05
Buffer overflow in Need for Speed Hot Pursuit 2.0 client (NFSHP2), version 242 and earlier, allows remote attackers (servers) to execute arbitrary code via long (1) gamename, (2) gamever, (3) hostname, (4) gametype, (5) mapname or (6) gamemode commands.
- CVE-2020-15914Oct 30, 2020risk 0.00cvss —epss 0.00
A cross-site scripting (XSS) vulnerability exists in the Origin Client for Mac and PC 10.5.86 or earlier that could allow a remote attacker to execute arbitrary Javascript in a target user’s Origin client. An attacker could use this vulnerability to access sensitive data…
- CVE-2020-27708Oct 30, 2020risk 0.00cvss —epss 0.00
A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for…
- CVE-2006-3393Jul 6, 2006risk 0.00cvss —epss 0.01
Papyrus NASCAR Racing 4 4.1.3.1.6 and earlier, 2002 Season 1.1.0.2 and earlier, and 2003 Season 1.2.0.1 and earlier allows remote attackers to cause a denial of service (CPU consumption) by sending an empty UDP datagram, which is not properly discarded due to use of the FIONREAD…