Unrated severityNVD Advisory· Published Jul 28, 2006· Updated Apr 16, 2026

CVE-2006-3913

Description

Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul 2006 and earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) negative chunk_length or a (2) large chunk->offset value in a PACKET_PLAYER_ATTRIBUTE_CHUNK packet in the generic_handle_player_attribute_chunk function in common/packets.c, and (3) a large packet->length value in the handle_unit_orders function in server/unithand.c.

Affected products

Freeciv/Freeciv
cpe:2.3:a:freeciv:freeciv:2.1.0_beta1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/21254nvdPatchVendor Advisory
aluigi.altervista.org/adv/freecivx-adv.txtnvdExploit
www.securityfocus.com/bid/19117nvdExploit
secunia.com/advisories/21171nvdVendor Advisory
secunia.com/advisories/21352nvd
securityreason.com/securityalert/1296nvd
www.debian.org/security/2006/dsa-1142nvd
www.mandriva.com/security/advisoriesnvd
www.securityfocus.com/archive/1/441042/100/0/threadednvd
www.vupen.com/english/advisories/2006/2942nvd
exchange.xforce.ibmcloud.com/vulnerabilities/27955nvd
exchange.xforce.ibmcloud.com/vulnerabilities/27956nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000