Openttd: >> Openttd >> 0.3.6 Security Vulnerabilities
Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine.
CVSS Score
5.0
EPSS Score
0.017
Published
2009-12-28
Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for "companies and clients."
CVSS Score
9.0
EPSS Score
0.127
Published
2009-03-10
Buffer overflow in the TruncateString function in src/gfx.cpp in OpenTTD before 0.6.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string. NOTE: some of these details are obtained from third party information.
CVSS Score
10.0
EPSS Score
0.132
Published
2008-08-10
Buffer overflow in src/openttd.cpp in OpenTTD before 0.6.2 allows local users to execute arbitrary code via a large filename supplied to the "-g" parameter in the ttd_main function. NOTE: it is unlikely that this issue would cross privilege boundaries in typical environments.
CVSS Score
4.6
EPSS Score
0.001
Published
2008-08-10
OpenTTD 0.4.7 and earlier allows local users to cause a denial of service (application exit) via a large invalid error number, which triggers an error.
CVSS Score
2.1
EPSS Score
0.002
Published
2006-04-25
Multiple format string vulnerabilities in OpenTTD before 0.4.0.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.021
Published
2005-09-06
Page 2