← Back to CVEs
CVE-2010-2627
N/ADescription
Multiple directory traversal vulnerabilities in the Refractor 2 engine, as used in Battlefield 2 1.50 (1.5.3153-802.0) and earlier, and Battlefield 2142 (1.10.48.0) and earlier, allow remote servers to overwrite arbitrary files on the client via "..\" (dot dot backslash) sequences in URLs for the (1) sponsor or (2) community logos, and other URLs related to (3) DemoDownloadURL, (4) DemoIndexURL and (5) CustomMapsURL.
CVE Details
CVSS v3.1 ScoreN/A
Published7/2/2010
Last Modified4/29/2026
Sourcenvd
Honeypot Sightings0
Affected Products
ea:battlefield_2ea:battlefield_2142
Weaknesses (CWE)
CWE-22
References
http://aluigi.altervista.org/adv/bf2urlz-adv.txt(cve@mitre.org)
http://osvdb.org/65863(cve@mitre.org)
http://secunia.com/advisories/40334(cve@mitre.org)
http://www.securityfocus.com/bid/41262(cve@mitre.org)
http://aluigi.altervista.org/adv/bf2urlz-adv.txt(af854a3a-2127-422b-91ae-364da2661108)
http://osvdb.org/65863(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/40334(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/41262(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.