Unrated severityNVD Advisory· Published Mar 6, 2006· Updated Apr 16, 2026

CVE-2006-1010

Description

Buffer overflow in socket/request.c in CrossFire before 1.9.0, when oldsocketmode is enabled, allows remote attackers to cause a denial of service (segmentation fault) and possibly execute code by sending the server a large request.

Affected products

Crossfire/Crossfire2 versions
cpe:2.3:a:crossfire:crossfire:1.7.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:crossfire:crossfire:1.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:crossfire:crossfire:1.8.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cvs.sourceforge.net/viewcvs.py/crossfire/crossfire/socket/request.cnvdPatch
aluigi.altervista.org/poc/crossfirebof.zipnvdExploitVendor Advisory
secunia.com/advisories/19044nvdExploitPatchVendor Advisory
secunia.com/advisories/19194nvd
secunia.com/advisories/19785nvd
www.debian.org/security/2006/dsa-1001nvd
www.gentoo.org/security/en/glsa/glsa-200604-11.xmlnvd
www.osvdb.org/23549nvd
www.securityfocus.com/bid/16883nvd
www.vupen.com/english/advisories/2006/0760nvd
exchange.xforce.ibmcloud.com/vulnerabilities/24932nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.023
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000