CVE-2019-11354

Опубликовано: 19 апр. 2019

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Средний

Описание

The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication QDesktopServices communication.

Ссылки

http://gamasutra.com/view/news/340907/A_nowfixed_Origin_vulnerability_potentially_opened_the_client_to_hackers.php
Third Party Advisory
http://packetstormsecurity.com/files/153375/dotProject-2.1.9-SQL-Injection.html
Exploit
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/153485/EA-Origin-Template-Injection-Remote-Code-Execution.html
Exploit
Third Party Advisory
VDB Entry
https://blog.underdogsecurity.com/rce_in_origin_client/
Broken Link
https://gizmodo.com/ea-origin-users-update-your-client-now-1834079604
Exploit
Third Party Advisory
https://techcrunch.com/2019/04/16/ea-origin-bug-exposed-hackers/
Exploit
Third Party Advisory
https://www.golem.de/news/sicherheitsluecke-ea-origin-fuehrte-schadcode-per-link-aus-1904-140738.html
Press/Media Coverage
Third Party Advisory
https://www.pcmag.com/news/367801/security-flaw-allowed-any-app-to-run-using-eas-origin-clien
Press/Media Coverage
Third Party Advisory
https://www.techradar.com/news/major-security-flaw-found-in-ea-origin-gaming-client
Press/Media Coverage
Third Party Advisory
https://www.thesun.co.uk/tech/8877334/sims-4-battlefield-fifa-origin-hackers/
Press/Media Coverage
Third Party Advisory
https://www.trustedreviews.com/news/time-update-origin-eas-game-client-security-risk-just-installed-3697942
Third Party Advisory
https://www.vg247.com/2019/04/17/ea-origin-security-flaw-run-malicious-code-fixed/
Third Party Advisory
http://gamasutra.com/view/news/340907/A_nowfixed_Origin_vulnerability_potentially_opened_the_client_to_hackers.php
Third Party Advisory
http://packetstormsecurity.com/files/153375/dotProject-2.1.9-SQL-Injection.html
Exploit
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/153485/EA-Origin-Template-Injection-Remote-Code-Execution.html
Exploit
Third Party Advisory
VDB Entry
https://blog.underdogsecurity.com/rce_in_origin_client/
Broken Link
https://gizmodo.com/ea-origin-users-update-your-client-now-1834079604
Exploit
Third Party Advisory
https://techcrunch.com/2019/04/16/ea-origin-bug-exposed-hackers/
Exploit
Third Party Advisory
https://www.golem.de/news/sicherheitsluecke-ea-origin-fuehrte-schadcode-per-link-aus-1904-140738.html
Press/Media Coverage
Third Party Advisory
https://www.pcmag.com/news/367801/security-flaw-allowed-any-app-to-run-using-eas-origin-clien
Press/Media Coverage
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ea:origin:10.5.36:*:*:*:*:windows:*:*

EPSS

Процентиль: 98%

0.46924

Средний

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-74

Связанные уязвимости

GHSA-hx6h-52mp-q9jp