• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

Ea

CVE-2019-19248

February 26, 2023 by

Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 2 of 2).

CVE-2019-12828

February 26, 2023 by

An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin remotely via the platformpluginpath argument supplied with a Windows network share.

CVE-2019-11354

February 26, 2023 by

The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication QDesktopServices communication.

  • « Go to Previous Page
  • Go to page 1
  • Go to page 2

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE