CVE-2004-2099

Need for Speed Hot Pursuit 2.0 <242 - Buffer Overflow

Title source: llm

Description

Buffer overflow in Need for Speed Hot Pursuit 2.0 client (NFSHP2), version 242 and earlier, allows remote attackers (servers) to execute arbitrary code via long (1) gamename, (2) gamever, (3) hostname, (4) gametype, (5) mapname or (6) gamemode commands.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Luigi Auriemma · cdoswindows

https://www.exploit-db.com/exploits/147

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/14909

[Mailing List] http://marc.info/?l=bugtraq&m=107479094508691&w=2

[Exploit] http://aluigi.altervista.org/adv/nfshp2cbof-adv.txt

[Exploit] http://www.securityfocus.com/bid/9473

Scores

EPSS 0.0528

EPSS Percentile 90.0%

Details

Status published

Products (1)

electronic_arts/need_for_speed_hot_pursuit_2 < 242.0

Published Dec 31, 2004

Tracked Since Feb 18, 2026