Freeciv
by Freeciv
CVEs (5)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2006-0047 | 0.04 | — | 0.16 | Mar 7, 2006 | packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values. | ||
| CVE-2012-6083 | 0.03 | — | 0.04 | Jan 23, 2020 | Freeciv before 2.3.3 allows remote attackers to cause a denial of service via a crafted packet. | ||
| CVE-2006-3913 | 0.01 | — | 0.09 | Jul 28, 2006 | Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul 2006 and earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) negative chunk_length or a (2) large chunk->offset value in a PACKET_PLAYER_ATTRIBUTE_CHUNK packet in the generic_handle_player_attribute_chunk function in common/packets.c, and (3) a large packet->length value in the handle_unit_orders function in server/unithand.c. | ||
| CVE-2012-5645 | 0.00 | — | 0.06 | Dec 30, 2019 | A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. A remote attacker could send a specially-crafted packet that, when processed would lead to memory exhaustion or excessive CPU consumption. | ||
| CVE-2010-2445 | 0.00 | — | 0.01 | Jul 8, 2010 | freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via a scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8) require modules or functions. |