Vulnerabilities > Freeciv

DATE CVE VULNERABILITY TITLE RISK
2020-01-23 CVE-2012-6083 Resource Exhaustion vulnerability in Freeciv
Freeciv before 2.3.3 allows remote attackers to cause a denial of service via a crafted packet.
network
low complexity
freeciv CWE-400
7.8
2019-12-30 CVE-2012-5645 Resource Exhaustion vulnerability in multiple products
A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets.
network
low complexity
freeciv fedoraproject CWE-400
7.8
2010-07-08 CVE-2010-2445 OS Command Injection vulnerability in Freeciv 2.2.0/2.3.0
freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via a scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8) require modules or functions.
network
low complexity
freeciv CWE-78
critical
10.0
2006-07-28 CVE-2006-3913 Remote Denial of Service vulnerability in Freeciv 2.1.0Beta1
Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul 2006 and earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) negative chunk_length or a (2) large chunk->offset value in a PACKET_PLAYER_ATTRIBUTE_CHUNK packet in the generic_handle_player_attribute_chunk function in common/packets.c, and (3) a large packet->length value in the handle_unit_orders function in server/unithand.c.
network
low complexity
freeciv
7.5
2006-03-07 CVE-2006-0047 Resource Management Errors vulnerability in Freeciv
packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values.
network
low complexity
freeciv CWE-399
5.0