CVE-2012-5645
moderate-risk
Published 2019-12-30
A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. A remote attacker could send a specially-crafted packet that, when processed would lead to memory exhaustion or excessive CPU consumption.
Do I need to act?
~
6.1% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10
High
NETWORK
/ LOW complexity
Affected Vendors
References (26)
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095378.ht...
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095381.ht...
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2013-January/096391.ht...
Third Party Advisory
http://www.securityfocus.com/bid/41352
Issue Tracking
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696306
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5645
Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2012-5645
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095378.ht...
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095381.ht...
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2013-January/096391.ht...
and 6 more references
45
/ 100
moderate-risk
Severity
26/34 · High
Exploitability
9/34 · Low
Exposure
10/34 · Low