MidnightBSD

Advisories for ubi

CVE-2014-4334 HIGH

Stack-based buffer overflow in Ubisoft Rayman Legends before 1.3.140380 allows remote attackers to execute arbitrary code via a long string in the "second connection" to TCP port 1001.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
ubi rayman_legends *
ubi rayman_legends 1.1.100477
ubi rayman_legends 1.0.95278
CVE-2014-5453 HIGH

Ubisoft Uplay PC before 4.6.1.3217 use weak permissions (Everyone: Full Control) for the program installation directory (%PROGRAMFILES%\Ubisoft Game Launcher), which allows local users to gain privileges via a Trojan horse file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
ubi uplay_pc 4.5.2.3010
ubi uplay_pc *