PT-2006-4648 · Ufo2000 · Ufo2000

Luigi Auriemma · Published 2006-07-21 · Updated 2018-10-17 · CVE-2006-3788

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

UFO2000 versions prior to svn 1058

Description

The issue is related to multiple buffer overflows in the multiplay.cpp file. A remote attacker can trigger these overflows in several ways, including sending a long unit name, passing large values to specific functions, or sending a large mapdata GEODATA structure. This can potentially allow the execution of arbitrary code.

Recommendations

For UFO2000 versions prior to svn 1058, update to a version later than svn 1057 to resolve the issue. As a temporary workaround, consider restricting access to the Net::recv_add_unit, Net::recv_rules, Net::recv_select_unit, Net::recv_options, Net::recv_unit_data, and Net::recv_map_data functions until a patch is available. Avoid using large values or structures in these functions to minimize the risk of exploitation.

Fix


Related Identifiers

CVE-2006-3788

Affected Products

Ufo2000