汇总 activision 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
常见弱点模式包括 缓冲区溢出、输入验证问题与内存损坏,在 软件部署与生产负载 使用场景中可能带来 应用崩溃、内存损坏与异常行为 等风险。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2019-20893 | An issue was discovered in Activision Infinity Ward Call of Duty Modern Warfare 2 through 2019-12-11. PartyHost_HandleJoinPartyRequest has a buffer overflow vulnerability and can be exploited by using a crafted joinParty packet. This can be utilized to conduct arbitrary code execution on a victim's machine. | [email protected] | 9.8 | 2.17% | 2020-06-30 | 2026-06-16 |
| CVE-2018-20817 | SV_SteamAuthClient in various Activision Infinity Ward Call of Duty games before 2015-08-11 is missing a size check when reading authBlob data into a buffer, which allows one to execute code on the remote target machine when sending a steam authentication request. This affects Call of Duty: Modern Warfare 2, Call of Duty: Modern Warfare 3, Call of Duty: Ghosts, Call of Duty: Advanced Warfare, Call of Duty: Black Ops 1, and Call of Duty: Black Ops 2. | [email protected] | 9.8 | 3.60% | 2019-04-19 | 2026-06-16 |
| CVE-2018-10718 | Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 before 2018-04-26 allows remote attackers to execute arbitrary code via crafted packets. | [email protected] | 10.0 | 31.22% | 2018-05-03 | 2026-06-16 |
| CVE-2012-4918 | Call of Duty Elite for iOS 2.0.1 does not properly validate the server SSL certificate, which allows remote attackers to obtain sensitive information via a Man-in-the-Middle (MITM) attack. | [email protected] | 5.8 | 1.07% | 2013-01-22 | 2026-06-16 |
| CVE-2008-2106 | Call of Duty 4 (CoD4) 1.5 and earlier allows remote authenticated users to cause a denial of service (crash) via a type 7 stats packet, which triggers a memcpy with a negative value. | [email protected] | 6.8 | 7.66% | 2008-05-07 | 2026-06-16 |
| CVE-2006-5058 | Buffer overflow in (1) Call of Duty 1.5b and earlier, (2) Call of Duty United Offensive 1.51b and earlier, and (3) Call of Duty 2 1.3 and earlier allows remote attackers to execute arbitrary code via a long map argument to the "callvote map" command. | [email protected] | 7.5 | 9.56% | 2006-09-27 | 2026-06-16 |
| CVE-2005-0983 | Quake 3 engine, as used in multiple games, allows remote attackers to cause a denial of service (client disconnect) via a long message, which is not properly truncated and causes the engine to process the remaining data as if it were network data. | [email protected] | 5.0 | 2.56% | 2005-05-02 | 2026-06-16 |
| CVE-2004-1664 | Call of Duty 1.4 and earlier allows remote attackers to cause a denial of service (game end) via a large (1) query or (2) reply packet, which is not properly handled by the buffer overflow protection mechanism. NOTE: this issue might overlap CVE-2005-0430. | [email protected] | 5.0 | 7.55% | 2004-09-05 | 2026-06-16 |