Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Openttd'
2019-11-07
CVE-2012-0049
CWE-400
OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server.
2013-12-14
CVE-2013-6411
CWE-119
The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map.
2012-08-25
CVE-2012-0048
OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a "slow read" attack.
2011-09-08
CVE-2011-3343
CWE-119
Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file.
CVE-2011-3342
CWE-119
Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame.
CVE-2011-3341
CWE-189
Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command.
2010-11-17
CVE-2010-4168
CWE-399
Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to network/network_server.cpp; (2) remote attackers to cause a denial of service (invalid read and daemon crash) by abruptly disconnecting, related to network/network_server.cpp; and (3) remote servers to cause a denial of service (invalid read and application crash) by forcing a disconnection during the join process, related to network/network.cpp.
2010-07-28
CVE-2010-2534
CWE-399
The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted request, related to the client command queue.
2010-05-05
CVE-2010-0406
CWE-399
OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map.
CVE-2010-0402
CWE-94
OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command.
Copyright
2024
, cxsecurity.com
Back to Top
Vulnerabilities for 'Openttd' 