Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Openttd
(Openttd)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 20 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2010-11-17 | CVE-2010-4168 | Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to network/network_server.cpp; (2) remote attackers to cause a denial of service (invalid read and daemon crash) by abruptly disconnecting, related to network/network_server.cpp; and (3) remote servers to cause a denial of service (invalid read and... | Fedora, Openttd | 7.5 | ||
2019-11-07 | CVE-2012-0049 | OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server. | Debian_linux, Fedora, Openttd | N/A | ||
2013-12-14 | CVE-2013-6411 | The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map. | Openttd | N/A | ||
2012-10-09 | CVE-2012-3436 | OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to "the water/coast aspect of tiles which also have railtracks on one half." | Openttd | N/A | ||
2012-08-25 | CVE-2012-0048 | OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a "slow read" attack. | Openttd | N/A | ||
2011-09-08 | CVE-2011-3343 | Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file. | Openttd | N/A | ||
2011-09-08 | CVE-2011-3342 | Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame. | Openttd | N/A | ||
2011-09-08 | CVE-2011-3341 | Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command. | Openttd | N/A | ||
2010-07-28 | CVE-2010-2534 | The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted request, related to the client command queue. | Openttd | N/A | ||
2010-05-05 | CVE-2010-0406 | OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map. | Openttd | N/A |