CVE-2006-3913

Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul 2006 and earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) negative chunk_length or a (2) large chunk->offset value in a PACKET_PLAYER_ATTRIBUTE_CHUNK packet in the generic_handle_player_attribute_chunk function in common/packets.c, and (3) a large packet->length value in the handle_unit_orders function in server/unithand.c.

Publication date: Thu, 18 Oct 2018 02:32:00 +0000

Cyber News related to CVE-2006-3913

CVE-2006-3913 - Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul 2006 and earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) negative chunk_length or a (2) large chunk->offset ...
1 year ago

CVE-2023-3913 - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. ...
1 month ago Tenable.com

CVE-2019-3913 - Command manipulation in LabKey Server Community Edition before 18.3.0-61806.763 allows an authenticated remote attacker to unmount any drive on the system leading to denial of service. ...
3 years ago

CVE-2010-3913 - CRLF injection vulnerability in TransWARE Active! mail 6 build 6.40.010047750 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. ...
14 years ago

CVE-2005-3913 - Unspecified vulnerability in the domain alias management in Virtual Hosting Control System (VHCS) 2.4.6.2, related to "creating and deleting forwards for domain aliases," allows users to hijack the forwardings of other users. ...
14 years ago

CVE-2012-3913 - The Cisco VC220 and VC240 cameras allow remote attackers to cause a denial of service (WebUI outage) via crafted packets, aka Bug IDs CSCtf73188, CSCtf88059, CSCtf87951, CSCtf87908, and CSCtf88019. ...
11 years ago

CVE-2014-3913 - Stack-based buffer overflow in AccessServer32.exe in Ericom AccessNow Server allows remote attackers to execute arbitrary code via a request for a non-existent file. ...
9 years ago

CVE-2016-3913 - media/libmediaplayerservice/MediaPlayerService.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not validate a certain static_cast operation, which allows ...
8 years ago

CVE-2015-3913 - The IP stack in multiple Huawei Campus series switch models allows remote attackers to cause a denial of service (reboot) via a crafted ICMP request message. ...
7 years ago

CVE-2007-3913 - SQL injection vulnerability in Gforge before 3.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. The following link provides information on the vulnerability: ...
7 years ago

CVE-2009-3913 - SQL injection vulnerability in summary.php in Xerox Fiery Webtools allows remote attackers to execute arbitrary SQL commands via the select parameter. ...
6 years ago

CVE-2011-3913 - Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to Range handling. ...
4 years ago

CVE-2008-3913 - Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to "error handling logic". ...
4 years ago

CVE-2020-3913 - A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, watchOS 6.2. A malicious application may be able to elevate privileges. ...
3 years ago

CVE-2018-3913 - An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, ...
1 year ago

CVE-2013-3913 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none ...
55 years ago Tenable.com

CVE-2017-3913 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
55 years ago Tenable.com

CVE-2022-3913 - Rapid7 Nexpose and InsightVM versions 6.6.82 through 6.6.177 fail to validate the certificate of the update server when downloading updates. This failure could allow an attacker in a privileged position on the network to provide their own HTTPS ...
2 years ago

CVE-2024-50228 - In the Linux kernel, the following vulnerability has been resolved: mm: shmem: fix data-race in shmem_getattr() I got the following KCSAN report during syzbot testing: ================================================================== BUG: KCSAN: ...
4 months ago Tenable.com

CVE-2021-3913 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none ...
1 year ago

CVE-2024-3913 - An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup. ...
1 month ago

CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
55 years ago Tenable.com

CVE-2006-7224 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All ...
55 years ago Tenable.com

CVE-2006-5296 - PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted ...
1 year ago

CVE-2006-1530 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
6 years ago

CVE-2006-3913

Cyber News related to CVE-2006-3913

Latest Cyber News

Cyber Trends (last 7 days)

Trending Cyber News (last 7 days)