Strix
26.1K

CVE-2006-3789

UnknownEPSS 4.02%

Last modified

CVE-2006-3789 is a vulnerability of currently unknown severity. Multiple array index errors in the (1) recv_rules, (2) recv_select_unit, (3) recv_options, and (4) recv_unit_data functions in multiplay.cpp in UFO2000 svn 1057 allow remote attackers to execute arbitrary code and cause a denial of service (opponent crash) via certain packet data that specifies an out-of-bounds index.. EPSS estimates a 4.02% chance of exploitation in the next 30 days.

Description

Multiple array index errors in the (1) recv_rules, (2) recv_select_unit, (3) recv_options, and (4) recv_unit_data functions in multiplay.cpp in UFO2000 svn 1057 allow remote attackers to execute arbitrary code and cause a denial of service (opponent crash) via certain packet data that specifies an out-of-bounds index.

Metrics

EPSS Probability
4.02%

89.3th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
Ufo2000Ufo2000<= svn_1057

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2006-3789?
Multiple array index errors in the (1) recv_rules, (2) recv_select_unit, (3) recv_options, and (4) recv_unit_data functions in multiplay.cpp in UFO2000 svn 1057 allow remote attackers to execute arbitrary code and cause a denial of service (opponent crash) via certain packet data that specifies an out-of-bounds index.
How severe is CVE-2006-3789?
Severity scoring for CVE-2006-3789 is pending analysis. The EPSS model estimates a 4.02% probability of exploitation in the next 30 days.
How do I fix CVE-2006-3789?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-3789?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST