Lucene search

[email protected]CVE-2008-3576

HistoryAug 10, 2008 - 9:41 p.m.

CVE-2008-3576

2008-08-1021:41:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-3576

buffer overflow

truncatestring

openttd

denial of service

arbitrary code

nvd

8.2 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.089 Low

EPSS

Percentile

94.6%

JSON

Buffer overflow in the TruncateString function in src/gfx.cpp in OpenTTD before 0.6.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string. NOTE: some of these details are obtained from third party information.

CPENameOperatorVersion
openttd:openttdopenttdeq0.6.2-rc1
openttd:openttdopenttdeq0.6.1
openttd:openttdopenttdle0.6.2-rc2

CPE	Name	Operator	Version
openttd:openttd	openttd	eq	0.6.2-rc1
openttd:openttd	openttd	eq	0.6.1
openttd:openttd	openttd	le	0.6.2-rc2

References

bugs.gentoo.org/show_bug.cgi?id=233929

secunia.com/advisories/31350

secunia.com/advisories/34161

security.gentoo.org/glsa/glsa-200903-09.xml

sourceforge.net/project/shownotes.php?release_id=617243

www.openttd.org/index.php

www.securityfocus.com/bid/30525

www.vupen.com/english/advisories/2008/2285

exchange.xforce.ibmcloud.com/vulnerabilities/44168

8.2 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.089 Low

EPSS

Percentile

94.6%

JSON

Related for CVE-2008-3576

debiancve1 cvelist1 prion1 ubuntucve1 openvas2 nessus1 gentoo1