CVE-2019-12828 – Electronic Arts Origin URI Handler Remote Command Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-12828
An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin remotely via the platformpluginpath argument supplied with a Windows network share.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Electronic Arts Origin.
References:
• https://www.exploit-db.com/exploits/47019
• http://packetstormsecurity.com/files/153385/EA-Origin-Remote-Code-Execution.html
• https://www.bleepingcomputer.com/news/security/qt5-based-gui-apps-susceptible-to-remote-code-execution
• https://www.youtube.com/watch?v=E9vCx9KsF3c
• https://www.zerodayinitiative.com/advisories/ZDI-19-574
• https://zeropwn.github.io/2019-05-22-fun-with-uri-handlers
CWE-19: Data Processing Errors
CVE-2019-11354 – dotProject 2.1.9 - SQL Injection
https://notcve.org/view.php?id=CVE-2019-11354
The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication QDesktopServices communication.
EA Origin versions prior to 10.5.36 suffer from a remote code execution vulnerability via template injection leveraging cross site scripting.
References:
• https://www.exploit-db.com/exploits/47021
• http://gamasutra.com/view/news/340907/A_nowfixed_Origin_vulnerability_potentially_opened_the_client_to_hackers.php
• http://packetstormsecurity.com/files/153375/dotProject-2.1.9-SQL-Injection.html
• http://packetstormsecurity.com/files/153485/EA-Origin-Template-Injection-Remote-Code-Execution.html
• https://blog.underdogsecurity.com/rce_in_origin_client
• https://gizmodo.com/ea-origin-users-update-your-client-now-1834079604
• https://techcrunch.com/2019/04/16/ea-origin-bu
CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2014-5921
https://notcve.org/view.php?id=CVE-2014-5921
The Need for Speed Network (aka com.ea.nfsautolog.bv) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
References:
• http://www.kb.cert.org/vuls/id/388105
• http://www.kb.cert.org/vuls/id/582497
• https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing
CWE-310: Cryptographic Issues
CVE-2013-4867 – Karotz Smart Rabbit 12.07.19.00 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-4867
Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking.
References:
• https://www.exploit-db.com/exploits/27285
• http://www.exploit-db.com/exploits/27285
• https://exchange.xforce.ibmcloud.com/vulnerabilities/86222
CWE-269: Improper Privilege Management
CVE-2009-5095 – ea-gBook 0.1 - Remote Command Execution / Remote File Inclusion
https://notcve.org/view.php?id=CVE-2009-5095
PHP remote file inclusion vulnerability in index_inc.php in ea gBook 0.1 and 0.1.4 allows remote attackers to execute arbitrary PHP code via a URL in the inc_ordner parameter.
References:
• https://www.exploit-db.com/exploits/8052
• http://secunia.com/advisories/33927
• http://www.exploit-db.com/exploits/8052
• http://www.securityfocus.com/bid/33774
• https://exchange.xforce.ibmcloud.com/vulnerabilities/48759
CWE-94: Improper Control of Generation of Code ('Code Injection')