Buffer overflow in the SetUp function in socket/request.c in CrossFire 1.9.0 allows remote attackers to execute arbitrary code via a long setup sound command, a different vulnerability than CVE-2006-1010. Reference: https://exchange.xforce.ibmcloud.com/vulnerabilities/25252
I can't find a reference to the code that needs fixing, or a patch. We now ship 1.75.1, I wonder if this still applies.
CVE-2006-1010 was for "Crossfire, a multiplayer adventure game". That's not the crossfire we ship in CodeReady Studio.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2006-1236