CVE-2004-2099

Need for Speed Hot Pursuit 2.0 <242 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-2099. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary: This exploit targets a buffer overflow vulnerability in Need for Speed Hot Pursuit 2 (versions 240 and 242) by sending a maliciously crafted UDP packet to port 61220. The payload overwrites the return address with 0xdeadc0de, demonstrating a classic stack-based overflow.

Description

Buffer overflow in Need for Speed Hot Pursuit 2.0 client (NFSHP2), version 242 and earlier, allows remote attackers (servers) to execute arbitrary code via long (1) gamename, (2) gamever, (3) hostname, (4) gametype, (5) mapname or (6) gamemode commands.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Luigi Auriemma · c · dos · windows
https://www.exploit-db.com/exploits/147

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Need for Speed Hot Pursuit 2 <= 242
No auth needed
Prerequisites: Network access to the target's UDP port 61220
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/14909
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=107479094508691&w=2
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/9473

Scores

EPSS 0.0428
EPSS Percentile 89.8%

Details

Status published
Products (1)
electronic_arts/need_for_speed_hot_pursuit_2 < 242.0
Published Dec 31, 2004
Tracked Since Feb 18, 2026