cpe:2.3:a:openttd:openttd:0.2.1:*:*:*:*:*:*:*
OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server.
Max CVSS
4.3
EPSS Score
0.49%
Published
2019-11-07
Updated
2019-11-09
Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file.
Max CVSS
4.6
EPSS Score
0.04%
Published
2011-09-08
Updated
2012-01-19
Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame.
Max CVSS
7.5
EPSS Score
12.97%
Published
2011-09-08
Updated
2012-01-19
Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command.
Max CVSS
7.5
EPSS Score
3.18%
Published
2011-09-08
Updated
2012-01-19
The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted request, related to the client command queue.
Max CVSS
5.0
EPSS Score
9.04%
Published
2010-07-28
Updated
2017-08-17
OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map.
Max CVSS
4.0
EPSS Score
0.15%
Published
2010-05-05
Updated
2010-05-11
OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command.
Max CVSS
6.5
EPSS Score
0.23%
Published
2010-05-05
Updated
2010-05-05
OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending a company password packet.
Max CVSS
6.5
EPSS Score
0.22%
Published
2010-05-05
Updated
2010-05-11
Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine.
Max CVSS
5.0
EPSS Score
2.77%
Published
2009-12-28
Updated
2010-03-26
Buffer overflow in src/openttd.cpp in OpenTTD before 0.6.2 allows local users to execute arbitrary code via a large filename supplied to the "-g" parameter in the ttd_main function. NOTE: it is unlikely that this issue would cross privilege boundaries in typical environments.
Max CVSS
4.6
EPSS Score
0.04%
Published
2008-08-10
Updated
2017-08-08
Buffer overflow in the TruncateString function in src/gfx.cpp in OpenTTD before 0.6.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string. NOTE: some of these details are obtained from third party information.
Max CVSS
10.0
EPSS Score
8.91%
Published
2008-08-10
Updated
2017-08-08
Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for "companies and clients."
Max CVSS
9.0
EPSS Score
3.08%
Published
2009-03-10
Updated
2017-08-08
OpenTTD 0.4.7 and earlier allows local users to cause a denial of service (application exit) via a large invalid error number, which triggers an error.
Max CVSS
2.1
EPSS Score
0.04%
Published
2006-04-25
Updated
2018-10-18
Multiple format string vulnerabilities in OpenTTD before 0.4.0.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
Max CVSS
7.5
EPSS Score
2.00%
Published
2005-09-06
Updated
2011-03-08
14 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!