Openttd

Openttd

20 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2012-0049

  • EPSS 0.62%
  • Published 07.11.2019 18:15:11
  • Last modified 21.11.2024 01:34:17

OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server.

5

CVE-2013-6411

Exploit
  • EPSS 2.29%
  • Published 14.12.2013 17:21:47
  • Last modified 11.04.2025 00:51:21

The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map.

5

CVE-2012-3436

Exploit
  • EPSS 2.34%
  • Published 09.10.2012 18:55:00
  • Last modified 11.04.2025 00:51:21

OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to "the water/coast ...

4.3

CVE-2012-0048

Exploit
  • EPSS 1.2%
  • Published 25.08.2012 10:29:49
  • Last modified 11.04.2025 00:51:21

OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a "slow read" attack.

4.6

CVE-2011-3343

  • EPSS 0.06%
  • Published 08.09.2011 18:55:01
  • Last modified 11.04.2025 00:51:21

Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file.

7.5

CVE-2011-3342

  • EPSS 5.21%
  • Published 08.09.2011 18:55:01
  • Last modified 11.04.2025 00:51:21

Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading fro...

7.5

CVE-2011-3341

  • EPSS 3.65%
  • Published 08.09.2011 18:55:01
  • Last modified 11.04.2025 00:51:21

Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command.

7.5

CVE-2010-4168

  • EPSS 2.84%
  • Published 17.11.2010 16:00:37
  • Last modified 11.04.2025 00:51:21

Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to networ...

5

CVE-2010-2534

  • EPSS 4.66%
  • Published 28.07.2010 12:48:53
  • Last modified 11.04.2025 00:51:21

The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a craft...

4

CVE-2010-0406

  • EPSS 0.46%
  • Published 05.05.2010 13:22:55
  • Last modified 11.04.2025 00:51:21

OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map.