SQL injection vulnerability in ServerClientUfo::recv_packet in server_protocol.cpp in UFO2000 svn 1057 allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving the packet.c_str function.
Max CVSS
7.5
EPSS Score
1.28%
Published
2006-07-24
Updated
2018-10-17
The decode_stringmap function in server_transport.cpp for UFO2000 svn 1057 allows remote attackers to cause a denial of service (daemon termination) via a large keysize or valsize, which causes a crash when the resize function cannot allocate sufficient memory.
Max CVSS
5.0
EPSS Score
9.33%
Published
2006-07-24
Updated
2018-10-17
The decode_stringmap function in server_transport.cpp for UFO2000 svn 1057 allows remote attackers to cause a denial of service (daemon termination) via a keysize or valsize that is inconsistent with the packet size, which leads to a buffer over-read.
Max CVSS
5.0
EPSS Score
9.33%
Published
2006-07-24
Updated
2018-10-17
Multiple array index errors in the (1) recv_rules, (2) recv_select_unit, (3) recv_options, and (4) recv_unit_data functions in multiplay.cpp in UFO2000 svn 1057 allow remote attackers to execute arbitrary code and cause a denial of service (opponent crash) via certain packet data that specifies an out-of-bounds index.
Max CVSS
7.5
EPSS Score
9.30%
Published
2006-07-24
Updated
2018-10-17
Multiple buffer overflows in multiplay.cpp in UFO2000 svn 1057 allow remote attackers to execute arbitrary code via (1) a long unit name in Net::recv_add_unit,; (2) large values to Net::recv_rules, Net::recv_select_unit, Net::recv_options, and Net::recv_unit_data; and (3) a large mapdata GEODATA structure in Net::recv_map_data.
Max CVSS
7.5
EPSS Score
10.64%
Published
2006-07-24
Updated
2018-10-17
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!