CVEブラウザに戻る

CVE-2012-5645

HIGH

7.5

CVSS Severity Score

EPSS Score0.1420%

EPSS Percentile10.35th

Published2019年12月30日

Last Modified2024年11月21日

Vulnerability Description

A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. A remote attacker could send a specially-crafted packet that, when processed would lead to memory exhaustion or excessive CPU consumption.

Affected Platforms (CPE)

📦

Freeciv

Freeciv

< 2.3.4

💻

Fedoraproject

Fedora

= 16

💻

Fedoraproject

Fedora

= 17

💻

Fedoraproject

Fedora

= 18

References & Advisories

🔗 http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095378.html

🔗 http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095381.html

🔗 http://lists.fedoraproject.org/pipermail/package-announce/2013-January/096391.html

🔗 http://www.openwall.com/lists/oss-security/2012/12/18/5

🔗 http://www.openwall.com/lists/oss-security/2012/12/22/4

🔗 http://www.openwall.com/lists/oss-security/2012/12/30/11

🔗 http://www.openwall.com/lists/oss-security/2012/12/30/8

🔗 http://www.openwall.com/lists/oss-security/2012/12/31/2

関連する脆弱性情報

CVE-2010-244510.0

freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via a scenari...

CVE-2006-39137.5

Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul 2006 and earlier, allows remote attackers to cause a denial of ...

CVE-2012-60837.5

Freeciv before 2.3.3 allows remote attackers to cause a denial of service via a crafted packet.

CVE-2006-00475.0

packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with...