Vulnerability Details : CVE-2006-0047
packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values.
Vulnerability category: Denial of service
Products affected by CVE-2006-0047
- cpe:2.3:a:freeciv:freeciv:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:freeciv:freeciv:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:freeciv:freeciv:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:freeciv:freeciv:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:freeciv:freeciv:2.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:freeciv:freeciv:2.0.7a:*:*:*:*:*:*:*
- cpe:2.3:a:freeciv:freeciv:2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:freeciv:freeciv:2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:freeciv:freeciv:2.0.6:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-0047
13.59%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 94 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-0047
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2006-0047
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2006-0047
-
http://www.vupen.com/english/advisories/2006/0838
Site en constructionVendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/25166
Freeciv packets.c denial of service CVE-2006-0047 Vulnerability Report
-
http://www.gentoo.org/security/en/glsa/glsa-200603-11.xml
Freeciv: Denial of service (GLSA 200603-11) — Gentoo security
-
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=355211
#355211 - freeciv-server: security hole - Debian Bug report logs
-
http://secunia.com/advisories/19253
About Secunia Research | FlexeraVendor Advisory
-
http://www.debian.org/security/2006/dsa-994
[SECURITY] [DSA 994-1] New freeciv packages fix denial of service
-
http://www.securityfocus.com/bid/16975
Patch
-
http://secunia.com/advisories/19227
About Secunia Research | FlexeraVendor Advisory
-
http://www.securityfocus.com/archive/1/426866/100/0/threaded
-
http://secunia.com/advisories/19120
About Secunia Research | FlexeraPatch;Vendor Advisory
-
http://www.mandriva.com/security/advisories?name=MDKSA-2006:053
Mandriva
Jump to