Call of Duty Modern Warefare 2 – Buffer Overflow

Authors:Alex Inführ         Risk:High

CVE:NO                     0day:Buffer Overflow 

0day -id:0DAY-176141        Date:2018-05-07

Background

Call of Duty: Modern Warfare 2) is a first-person shooter game developed by Infinity Ward. On February 11, 2009, Activision announced this action and it was determined to be on sale on November 10, 2009. “Call of Duty: Modern Warfare 2” is the sequel to “Call of Duty 4: Modern Warfare”. The core part of its storyline and multiplayer game settings will be continued.

Detail

A few years ago, I became aware of a security issue in most Call of Duty games.
Although I did not discover it myself, I thought it might be interesting to see what it could be used for.

Without going into detail, this security issue allows users playing a Call of Duty match to cause a buffer overflow on the host’s system inside a stack-allocated buffer within the game’s network handling.
In consquence, this allows full remote code execution!

The code has been published as the vulnerability used has been patched on all cod games as of 4/26/2018.

For more information, read the post at https://momo5502.com/blog/?p=34

Download: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/44582.zip

 

 

Leave a Reply