Lucene search
HistorySep 08, 2011 - 6:55 p.m.
CVE-2011-3343
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
7.7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file.
Affected configurations
Node
openttdopenttdRange≤1.1.2
ORopenttdopenttdMatch0.1.1
ORopenttdopenttdMatch0.1.2
ORopenttdopenttdMatch0.1.3
ORopenttdopenttdMatch0.1.4
ORopenttdopenttdMatch0.2.0
ORopenttdopenttdMatch0.2.1
ORopenttdopenttdMatch0.3.0
ORopenttdopenttdMatch0.3.1
ORopenttdopenttdMatch0.3.2
ORopenttdopenttdMatch0.3.2.1
ORopenttdopenttdMatch0.3.3
ORopenttdopenttdMatch0.3.4
ORopenttdopenttdMatch0.3.5
ORopenttdopenttdMatch0.3.6
ORopenttdopenttdMatch0.3.7
ORopenttdopenttdMatch0.4.0
ORopenttdopenttdMatch0.4.0.1
ORopenttdopenttdMatch0.4.5
ORopenttdopenttdMatch0.4.6
ORopenttdopenttdMatch0.4.7
ORopenttdopenttdMatch0.4.8
ORopenttdopenttdMatch0.4.8rc1
ORopenttdopenttdMatch0.4.8rc2
ORopenttdopenttdMatch0.5.0
ORopenttdopenttdMatch0.5.0rc1
ORopenttdopenttdMatch0.5.0rc2
ORopenttdopenttdMatch0.5.0rc3
ORopenttdopenttdMatch0.5.0rc4
ORopenttdopenttdMatch0.5.0rc5
ORopenttdopenttdMatch0.5.1
ORopenttdopenttdMatch0.5.1rc1
ORopenttdopenttdMatch0.5.1rc2
ORopenttdopenttdMatch0.5.1rc3
ORopenttdopenttdMatch0.5.2
ORopenttdopenttdMatch0.5.2rc1
ORopenttdopenttdMatch0.5.3
ORopenttdopenttdMatch0.5.3rc1
ORopenttdopenttdMatch0.5.3rc2
ORopenttdopenttdMatch0.5.3rc3
ORopenttdopenttdMatch0.6.0
ORopenttdopenttdMatch0.6.0beta1
ORopenttdopenttdMatch0.6.0beta2
ORopenttdopenttdMatch0.6.0beta3
ORopenttdopenttdMatch0.6.0beta4
ORopenttdopenttdMatch0.6.0beta5
ORopenttdopenttdMatch0.6.0rc1
ORopenttdopenttdMatch0.6.1
ORopenttdopenttdMatch0.6.1rc1
ORopenttdopenttdMatch0.6.1rc2
ORopenttdopenttdMatch0.6.2
ORopenttdopenttdMatch0.6.2rc1
ORopenttdopenttdMatch0.6.2rc2
ORopenttdopenttdMatch0.6.3
ORopenttdopenttdMatch0.6.3rc1
ORopenttdopenttdMatch0.7.0
ORopenttdopenttdMatch0.7.0beta1
ORopenttdopenttdMatch0.7.0beta2
ORopenttdopenttdMatch0.7.0rc1
ORopenttdopenttdMatch0.7.0rc2
ORopenttdopenttdMatch0.7.1
ORopenttdopenttdMatch0.7.1rc1
ORopenttdopenttdMatch0.7.1rc2
ORopenttdopenttdMatch0.7.1rc3
ORopenttdopenttdMatch0.7.2
ORopenttdopenttdMatch0.7.2rc1
ORopenttdopenttdMatch0.7.2rc2
ORopenttdopenttdMatch0.7.3
ORopenttdopenttdMatch0.7.3rc1
ORopenttdopenttdMatch0.7.3rc2
ORopenttdopenttdMatch0.7.4
ORopenttdopenttdMatch0.7.4rc1
ORopenttdopenttdMatch0.7.5
ORopenttdopenttdMatch0.7.5rc1
ORopenttdopenttdMatch1.0.0
ORopenttdopenttdMatch1.0.0beta1
ORopenttdopenttdMatch1.0.0beta2
ORopenttdopenttdMatch1.0.0beta3
ORopenttdopenttdMatch1.0.0beta4
ORopenttdopenttdMatch1.0.0rc1
ORopenttdopenttdMatch1.0.0rc2
ORopenttdopenttdMatch1.0.0rc3
ORopenttdopenttdMatch1.0.1
ORopenttdopenttdMatch1.0.1rc1
ORopenttdopenttdMatch1.0.1rc2
ORopenttdopenttdMatch1.0.2
ORopenttdopenttdMatch1.0.2rc1
ORopenttdopenttdMatch1.0.3
ORopenttdopenttdMatch1.0.3rc1
ORopenttdopenttdMatch1.0.4
ORopenttdopenttdMatch1.0.4rc1
ORopenttdopenttdMatch1.0.5
ORopenttdopenttdMatch1.0.5rc1
ORopenttdopenttdMatch1.0.5rc2
ORopenttdopenttdMatch1.1.0
ORopenttdopenttdMatch1.1.0beta1
ORopenttdopenttdMatch1.1.0beta2
ORopenttdopenttdMatch1.1.0beta3
ORopenttdopenttdMatch1.1.0beta4
ORopenttdopenttdMatch1.1.0beta5
ORopenttdopenttdMatch1.1.0rc1
ORopenttdopenttdMatch1.1.0rc2
ORopenttdopenttdMatch1.1.0rc3
ORopenttdopenttdMatch1.1.1
ORopenttdopenttdMatch1.1.1rc1
ORopenttdopenttdMatch1.1.2rc1
ORopenttdopenttdMatch1.1.2rc2
References
bugs.openttd.org/task/4746
bugs.openttd.org/task/4747
lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html
openwall.com/lists/oss-security/2011/09/02/4
openwall.com/lists/oss-security/2011/09/06/2
secunia.com/advisories/46075
security.openttd.org/en/CVE-2011-3343
www.debian.org/security/2012/dsa-2386
www.securityfocus.com/bid/49439
Related
nessus
nessus
FreeBSD : OpenTTD -- Multiple buffer overflows in validation of external data (9bad5ab1-f3f6-11e0-8b5c-b482fe3f522d)
2011-10-17 00:00:00
Fedora 16 : openttd-1.1.3-1.fc16 (2011-12945)
2011-10-03 00:00:00
Fedora 14 : openttd-1.1.3-1.fc14 (2011-12975)
2011-09-20 00:00:00
prion
prion
Buffer overflow
2011-09-08 18:55:00
debiancve
debiancve
CVE-2011-3343
2011-09-08 18:55:01
openvas
openvas
FreeBSD Ports: openttd
2012-02-13 00:00:00
FreeBSD Ports: openttd
2012-02-13 00:00:00
Fedora Update for openttd FEDORA-2011-12945
2012-03-19 00:00:00
freebsd
freebsd
OpenTTD -- Multiple buffer overflows in validation of external data
2011-08-25 00:00:00
cve
cve
CVE-2011-3343
2011-09-08 18:55:01
ubuntucve
ubuntucve
CVE-2011-3343
2011-09-08 00:00:00
cvelist
cvelist
CVE-2011-3343
2011-09-08 18:00:00
debian
debian
[SECURITY] [DSA 2386-1] openttd security update
2012-01-11 20:57:32
securityvulns
securityvulns
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2012-01-21 00:00:00
[SECURITY] [DSA 2386-1] openttd security update
2012-01-21 00:00:00
OpenTTD DoS
2011-11-21 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: openttd-1.1.3-1.fc16
2011-09-30 19:28:00
[SECURITY] Fedora 15 Update: openttd-1.1.5-1.fc15
2012-01-28 03:26:10
[SECURITY] Fedora 14 Update: openttd-1.1.3-1.fc14
2011-09-19 22:58:48
gentoo
gentoo
OpenTTD: Multiple vulnerabilities
2011-11-11 00:00:00
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
7.7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for NVD:CVE-2011-3343