Published: 02/07/2010 Updated: 06/07/2010

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Multiple directory traversal vulnerabilities in the Refractor 2 engine, as used in Battlefield 2 1.50 (1.5.3153-802.0) and previous versions, and Battlefield 2142 (1.10.48.0) and previous versions, allow remote servers to overwrite arbitrary files on the client via "..\" (dot dot backslash) sequences in URLs for the (1) sponsor or (2) community logos, and other URLs related to (3) DemoDownloadURL, (4) DemoIndexURL and (5) CustomMapsURL.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ea battlefield 2142
ea battlefield 2

Source: aluigiorg/adv/bf2urlz-advtxt ####################################################################### Luigi Auriemma Application: Refractor 2 engine Games: Battlefield 2 <= 150 (aka 153153-8020) wwwbattlefieldeacom/battlefield/bf2/ Battlefield 2142 <= 150 (aka 110480) battlefieldeacom/battlefield/ ...

CWE-22 http://osvdb.org/65863 http://secunia.com/advisories/40334 http://www.securityfocus.com/bid/41262 http://aluigi.altervista.org/adv/bf2urlz-adv.txt https://nvd.nist.gov https://www.exploit-db.com/exploits/14267/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-2627

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect