VDB
CVE-2006-1010
CVE-2006-1010
PUBLISHED
CVSS 6.400000095367432 MEDIUM
Buffer overflow in socket/request.c in CrossFire before 1.9.0, when oldsocketmode is enabled, allows remote attackers to cause a denial of service (segmentation fault) and possibly execute code by sending the server a large request.
EPSS 28.40% · 96.6th percentile
Risk Scores
CVSS 2.0
6.400000095367432
EPSS Score
28.40%
96.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| crossfire | crossfire | 1.7.0, 1.8.0 |
Timeline
- Mar 6, 2006 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- 19785 third-party-advisory
- http://cvs.sourceforge.net/viewcvs.py/crossfire/crossfire/socket/request.c?r1=1.80&r2=1.81 url
- DSA-1001 vendor-advisory
- ADV-2006-0760 vdb
- 16883 vdb
- 19044 third-party-advisory
- http://aluigi.altervista.org/poc/crossfirebof.zip url
- crossfire-oldsocketmode-bo(24932) vdb
- GLSA-200604-11 vendor-advisory
- 23549 vdb
- 19194 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2006-1010 advisory