CVE-2006-1236

EPSS 11.5%

crossfire - buffer overflow

Published: 3/15/2006Modified: 4/28/2026

Also known as:DEBIAN-CVE-2006-1236

Description

Buffer overflow in the SetUp function in socket/request.c in CrossFire 1.9.0 allows remote attackers to execute arbitrary code via a long setup sound command, a different vulnerability than CVE-2006-1010.

Affected packages (2)

Debian/crossfirefrom 0, < 1.9.0-2
Debian/crossfirefrom 0, < 1.1.0-1woody2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-1236