CVEs-PoC/2004/CVE-2004-2099.md

### [CVE-2004-2099](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2099)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brightgreen)

### Description

Buffer overflow in Need for Speed Hot Pursuit 2.0 client (NFSHP2), version 242 and earlier, allows remote attackers (servers) to execute arbitrary code via long (1) gamename, (2) gamever, (3) hostname, (4) gametype, (5) mapname or (6) gamemode commands.

### POC

#### Reference
- http://aluigi.altervista.org/adv/nfshp2cbof-adv.txt
- http://marc.info/?l=bugtraq&m=107479094508691&w=2

#### Github
No PoCs found on GitHub currently.