cve/2004/CVE-2004-2099.md

### [CVE-2004-2099](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2099)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Buffer overflow in Need for Speed Hot Pursuit 2.0 client (NFSHP2), version 242 and earlier, allows remote attackers (servers) to execute arbitrary code via long (1) gamename, (2) gamever, (3) hostname, (4) gametype, (5) mapname or (6) gamemode commands.

### POC

#### Reference
- http://aluigi.altervista.org/adv/nfshp2cbof-adv.txt
- http://marc.info/?l=bugtraq&m=107479094508691&w=2

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2004-2099](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2099)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`Buffer overflow in Need for Speed Hot Pursuit 2.0 client (NFSHP2), version 242 and earlier, allows remote attackers (servers) to execute arbitrary code via long (1) gamename, (2) gamever, (3) hostname, (4) gametype, (5) mapname or (6) gamemode commands.`

			`### POC`

			`#### Reference`
			`- http://aluigi.altervista.org/adv/nfshp2cbof-adv.txt`
			`- http://marc.info/?l=bugtraq&m=107479094508691&w=2`

			`#### Github`
			`No PoCs found on GitHub currently.`