CVE-2006-3913

2006-07-2800:00:00

ubuntu.com

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.064 Low

EPSS

Percentile

93.7%

JSON

Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul 2006 and
earlier, allows remote attackers to cause a denial of service (crash) and
possibly execute arbitrary code via a (1) negative chunk_length or a (2)
large chunk->offset value in a PACKET_PLAYER_ATTRIBUTE_CHUNK packet in the
generic_handle_player_attribute_chunk function in common/packets.c, and (3)
a large packet->length value in the handle_unit_orders function in
server/unithand.c.

OSVersionArchitecturePackageVersionFilename
ubuntu6.10noarchfreeciv< 2.0.8-3UNKNOWN
ubuntu7.04noarchfreeciv< 2.0.8-3UNKNOWN
ubuntu7.10noarchfreeciv< 2.0.8-3UNKNOWN
ubuntu8.04noarchfreeciv< 2.0.8-3UNKNOWN
ubuntu8.10noarchfreeciv< 2.0.8-3UNKNOWN
ubuntu9.04noarchfreeciv< 2.0.8-3UNKNOWN
ubuntu9.10noarchfreeciv< 2.0.8-3UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	6.10	noarch	freeciv	< 2.0.8-3	UNKNOWN
ubuntu	7.04	noarch	freeciv	< 2.0.8-3	UNKNOWN
ubuntu	7.10	noarch	freeciv	< 2.0.8-3	UNKNOWN
ubuntu	8.04	noarch	freeciv	< 2.0.8-3	UNKNOWN
ubuntu	8.10	noarch	freeciv	< 2.0.8-3	UNKNOWN
ubuntu	9.04	noarch	freeciv	< 2.0.8-3	UNKNOWN
ubuntu	9.10	noarch	freeciv	< 2.0.8-3	UNKNOWN