CVE-2008-3547

EPSS 12.67%
Published 10.03.2009 21:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for "companies and clients."

Affected products Warnungen 0 Metrics 2 CWE 1 References 13

Data is provided by the National Vulnerability Database (NVD)

Openttd ≫ Openttd Version <= 0.6.1

Openttd ≫ Openttd Version0.1.1

Openttd ≫ Openttd Version0.1.2

Openttd ≫ Openttd Version0.1.3

Openttd ≫ Openttd Version0.1.4

Openttd ≫ Openttd Version0.2.0

Openttd ≫ Openttd Version0.2.1

Openttd ≫ Openttd Version0.3.0

Openttd ≫ Openttd Version0.3.1

Openttd ≫ Openttd Version0.3.2

Openttd ≫ Openttd Version0.3.2.1

Openttd ≫ Openttd Version0.3.3

Openttd ≫ Openttd Version0.3.4

Openttd ≫ Openttd Version0.3.5

Openttd ≫ Openttd Version0.3.6

Openttd ≫ Openttd Version0.3.7

Openttd ≫ Openttd Version0.4.0

Openttd ≫ Openttd Version0.4.0.1

Openttd ≫ Openttd Version0.4.5

Openttd ≫ Openttd Version0.4.6

Openttd ≫ Openttd Version0.4.7

Openttd ≫ Openttd Version0.4.8

Openttd ≫ Openttd Version0.4.8 Updaterc1

Openttd ≫ Openttd Version0.4.8 Updaterc2

Openttd ≫ Openttd Version0.5.0

Openttd ≫ Openttd Version0.5.0 Updaterc1

Openttd ≫ Openttd Version0.5.0 Updaterc2

Openttd ≫ Openttd Version0.5.0 Updaterc3

Openttd ≫ Openttd Version0.5.0 Updaterc4

Openttd ≫ Openttd Version0.5.0 Updaterc5

Openttd ≫ Openttd Version0.5.1

Openttd ≫ Openttd Version0.5.1 Updaterc1

Openttd ≫ Openttd Version0.5.1 Updaterc2

Openttd ≫ Openttd Version0.5.1 Updaterc3

Openttd ≫ Openttd Version0.5.2

Openttd ≫ Openttd Version0.5.2 Updaterc1

Openttd ≫ Openttd Version0.5.3

Openttd ≫ Openttd Version0.5.3 Updaterc1

Openttd ≫ Openttd Version0.5.3 Updaterc2

Openttd ≫ Openttd Version0.5.3 Updaterc3

Openttd ≫ Openttd Version0.6.0

Openttd ≫ Openttd Version0.6.0 Updatebeta1

Openttd ≫ Openttd Version0.6.0 Updatebeta2

Openttd ≫ Openttd Version0.6.0 Updatebeta3

Openttd ≫ Openttd Version0.6.0 Updatebeta4

Openttd ≫ Openttd Version0.6.0 Updatebeta5

Openttd ≫ Openttd Version0.6.0 Updaterc1

Openttd ≫ Openttd Version0.6.1 Updaterc1

Openttd ≫ Openttd Version0.6.1 Updaterc2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	12.67%	0.934

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://bugs.gentoo.org/show_bug.cgi?id=233929

http://secunia.com/advisories/34161

Vendor Advisory

http://security.gentoo.org/glsa/glsa-200903-09.xml

http://sourceforge.net/project/shownotes.php?release_id=617243

http://bugs.debian.org/493714

http://marc.info/?l=oss-security&m=121787604812284&w=2

http://marc.info/?l=oss-security&m=121790659421159&w=2

http://marc.info/?l=oss-security&m=121797672406282&w=2

http://marc.info/?l=oss-security&m=121814230706576&w=2

https://exchange.xforce.ibmcloud.com/vulnerabilities/49221

https://nvd.nist.gov/vuln/detail/CVE-2008-3547

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-3547

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-3547

EUVD