Openttd@0.1.4 Security Vulnerabilities and Issues — Openttd@0.1.4 CVE List

Lucene search

OpenttdOpenttd0.1.4

12 matches found

CVE•added 2005/09/06 11:3 p.m.•48 views

CVE-2005-2763

Multiple format string vulnerabilities in OpenTTD before 0.4.0.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

7.5CVSS7.9AI score0.02051EPSS

CVE•added 2009/12/28 7:30 p.m.•48 views

CVE-2009-4007

Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine.

5CVSS6.2AI score0.01657EPSS

CVE•added 2010/05/05 1:22 p.m.•48 views

CVE-2010-0406

OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map.

4CVSS6.5AI score0.00455EPSS

CVE•added 2011/09/08 6:55 p.m.•48 views

CVE-2011-3341

Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command.

7.5CVSS6.6AI score0.03648EPSS

CVE•added 2011/09/08 6:55 p.m.•43 views

CVE-2011-3343

Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file.

4.6CVSS5.9AI score0.0006EPSS

CVE•added 2010/07/28 12:48 p.m.•42 views

CVE-2010-2534

The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted request, related to the client command queue.

5CVSS7.2AI score0.04656EPSS

CVE•added 2006/04/25 12:50 p.m.•41 views

CVE-2006-1998

OpenTTD 0.4.7 and earlier allows local users to cause a denial of service (application exit) via a large invalid error number, which triggers an error.

2.1CVSS6AI score0.00188EPSS

CVE•added 2010/05/05 1:22 p.m.•40 views

CVE-2010-0401

OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending a company password packet.

6.5CVSS6.6AI score0.00334EPSS

CVE•added 2010/05/05 1:22 p.m.•40 views

CVE-2010-0402

OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command.

6.5CVSS7.5AI score0.01404EPSS

CVE•added 2009/03/10 9:30 p.m.•38 views

CVE-2008-3547

Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for "companies and clients."

9CVSS7.9AI score0.12671EPSS

CVE•added 2011/09/08 6:55 p.m.•37 views

CVE-2011-3342

Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame.

7.5CVSS6.7AI score0.05213EPSS

CVE•added 2008/08/10 9:41 p.m.•36 views

CVE-2008-3577

Buffer overflow in src/openttd.cpp in OpenTTD before 0.6.2 allows local users to execute arbitrary code via a large filename supplied to the "-g" parameter in the ttd_main function. NOTE: it is unlikely that this issue would cross privilege boundaries in typical environments.

4.6CVSS7.2AI score0.0008EPSS