CVE-2004-1664

Call of Duty <= 1.4 - Denial of Service via Large Query or Reply Packet

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1664. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Call of Duty <= 1.4, allowing an attacker to crash both servers and clients by sending maliciously crafted packets. The PoC includes two attack modes: broadcasting to clients or directly targeting a server.

Description

Call of Duty 1.4 and earlier allows remote attackers to cause a denial of service (game end) via a large (1) query or (2) reply packet, which is not properly handled by the buffer overflow protection mechanism. NOTE: this issue might overlap CVE-2005-0430.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Luigi Auriemma · cdosmultiple
https://www.exploit-db.com/exploits/433

This exploit targets a buffer overflow vulnerability in Call of Duty <= 1.4, allowing an attacker to crash both servers and clients by sending maliciously crafted packets. The PoC includes two attack modes: broadcasting to clients or directly targeting a server.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Call of Duty <= 1.4
No auth needed
Prerequisites: Network access to the target server or clients
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=109449953200587&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17286
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/11119

Scores

EPSS 0.0755
EPSS Percentile 93.7%

Details

Status published
Products (2)
activision/call_of_duty 1.4
activision/call_of_duty_united_offensive 1.41
Published Sep 05, 2004
Tracked Since Feb 18, 2026