1. CVE-Search
  2. CVE-2006-3788
ID CVE-2006-3788
Summary Multiple buffer overflows in multiplay.cpp in UFO2000 svn 1057 allow remote attackers to execute arbitrary code via (1) a long unit name in Net::recv_add_unit,; (2) large values to Net::recv_rules, Net::recv_select_unit, Net::recv_options, and Net::recv_unit_data; and (3) a large mapdata GEODATA structure in Net::recv_map_data.
References
Vulnerable Configurations
  • cpe:2.3:a:ufo2000:ufo2000:*:*:*:*:*:*:*:*
    cpe:2.3:a:ufo2000:ufo2000:*:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 17-10-2018 - 21:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bugtraq 20060716 Multiple vulnerabilities in UFO2000 svn 1057
confirm
gentoo GLSA-200702-10
misc http://aluigi.altervista.org/adv/ufo2ko-adv.txt
sectrack 1016503
secunia
  • 21091
  • 24297
sreason 1259
vupen ADV-2006-2837
xf ufo2000-recvaddunit-bo(27798)
Last major update 17-10-2018 - 21:30
Published 24-07-2006 - 12:19
Last modified 17-10-2018 - 21:30
Back to Top