CyberSec.Space Logo
Back to CVE Browser

CVE-2006-7095

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1860%
EPSS Percentile10.61th
PublishedMar 2, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Integer signedness error in the network_receive_packet function in socket.c in dimension 3 engine (dim3) 1.5 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large data_len value, which is cast to a signed short and results in a buffer overflow.

Affected Platforms (CPE)

πŸ“¦
Klink

Dim3

<= 1.5

References & Advisories

πŸ”— http://aluigi.altervista.org/adv/dim3bof-adv.txt
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/26082
πŸ”— http://aluigi.altervista.org/adv/dim3bof-adv.txt
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/26082

Related Vulnerabilities

CVE-2006-709610.0

Buffer overflow in the network_host_handle_join function in host.c in dimension 3 engine (dim3) 1.5 and earlier allows remote atta...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...