RSS   Vulnerabilities for 'Freeciv'   RSS

2020-01-23
 
CVE-2012-6083

CWE-400
 

 
Freeciv before 2.3.3 allows remote attackers to cause a denial of service via a crafted packet.

 
2019-12-30
 
CVE-2012-5645

CWE-400
 

 
A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. A remote attacker could send a specially-crafted packet that, when processed would lead to memory exhaustion or excessive CPU consumption.

 
2010-07-08
 
CVE-2010-2445

CWE-78
 

 
freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via a scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8) require modules or functions.

 
2006-07-27
 
CVE-2006-3913

CWE-Other
 

 
Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul 2006 and earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) negative chunk_length or a (2) large chunk->offset value in a PACKET_PLAYER_ATTRIBUTE_CHUNK packet in the generic_handle_player_attribute_chunk function in common/packets.c, and (3) a large packet->length value in the handle_unit_orders function in server/unithand.c.

 
2006-03-07
 
CVE-2006-0047

CWE-399
 

 
packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values.

 


Copyright 2024, cxsecurity.com

 

Back to Top