Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2010-0402
HistoryMay 05, 2010 - 1:22 p.m.

CVE-2010-0402

2010-05-0513:22:54
Debian Security Bug Tracker
security-tracker.debian.org
13
openttd
remote code execution
denial of service
crafted command
unix

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

EPSS

0.004

Percentile

74.1%

OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command.

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

EPSS

0.004

Percentile

74.1%