diff --git a/src/commands.cpp b/src/commands.cpp
index be6a8b7..58847c9 100644
--- a/src/commands.cpp
+++ b/src/commands.cpp
@@ -641,7 +641,7 @@ void AOClient::cmdArea(int argc, QStringList argv)
 {
     bool ok;
     int new_area = argv[0].toInt(&ok);
-    if (!ok) {
+    if (!ok || new_area > server->areas.size() || new_area < 0) {
         sendServerMessage("That does not look like a valid area ID.");
         return;
     }
diff --git a/src/packets.cpp b/src/packets.cpp
index d36a96e..39d9997 100644
--- a/src/packets.cpp
+++ b/src/packets.cpp
@@ -289,7 +289,7 @@ void AOClient::pktRemoveEvidence(AreaData* area, int argc, QStringList argv, AOP
 {
     bool is_int = false;
     int idx = argv[0].toInt(&is_int);
-    if (is_int) {
+    if (is_int && idx <= area->evidence.size() && idx >= 0) {
         area->evidence.removeAt(idx);
     }
     sendEvidenceList(area);
@@ -300,7 +300,7 @@ void AOClient::pktEditEvidence(AreaData* area, int argc, QStringList argv, AOPac
     bool is_int = false;
     int idx = argv[0].toInt(&is_int);
     AreaData::Evidence evi = {argv[1], argv[2], argv[3]};
-    if (is_int) {
+    if (is_int && idx <= area->evidence.size() && idx >= 0) {
         area->evidence.replace(idx, evi);
     }
     sendEvidenceList(area);