Openttd

openttd

Vendor: Openttd • 20 CVEs

CVEs (20)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2012-0049 3Debian FedoraprojectOpenttd 3Debian Linux FedoraOpenttd Nov 21, 2024 Nov 7, 2019 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server.
CVE-2013-6411 1Openttd 1Openttd Apr 29, 2026 Dec 14, 2013 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map.
CVE-2012-3436 1Openttd 1Openttd Apr 29, 2026 Oct 9, 2012 N/A· v4 N/A· v3 5.0 MEDIUM· v2 OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of step...Show more OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to "the water/coast aspect of tiles which also have railtracks on one half."Show less
CVE-2012-0048 1Openttd 1Openttd Apr 29, 2026 Aug 25, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a "slow read" attack.
CVE-2011-3343 1Openttd 1Openttd Apr 29, 2026 Sep 8, 2011 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a B...Show more Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file.Show less
CVE-2011-3342 1Openttd 1Openttd Apr 29, 2026 Sep 8, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (ak...Show more Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame.Show less
CVE-2011-3341 1Openttd 1Openttd Apr 29, 2026 Sep 8, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command.
CVE-2010-4168 2Fedoraproject Openttd 2Fedora Openttd Apr 29, 2026 Nov 17, 2010 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from...Show more Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to network/network_server.cpp; (2) remote attackers to cause a denial of service (invalid read and daemon crash) by abruptly disconnecting, related to network/network_server.cpp; and (3) remote servers to cause a denial of service (invalid read and application crash) by forcing a disconnection during the join process, related to network/network.cpp.Show less
CVE-2010-2534 1Openttd 1Openttd Apr 29, 2026 Jul 28, 2010 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop an...Show more The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted request, related to the client command queue.Show less
CVE-2010-0406 1Openttd 1Openttd Apr 29, 2026 May 5, 2010 N/A· v4 N/A· v3 4.0 MEDIUM· v2 OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map.
CVE-2010-0402 1Openttd 1Openttd Apr 29, 2026 May 5, 2010 N/A· v4 N/A· v3 6.5 MEDIUM· v2 OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game...Show more OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command.Show less
CVE-2010-0401 1Openttd 1Openttd Apr 29, 2026 May 5, 2010 N/A· v4 N/A· v3 6.5 MEDIUM· v2 OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of ser...Show more OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending a company password packet.Show less
CVE-2009-4007 1Openttd 1Openttd Apr 23, 2026 Dec 28, 2009 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wa...Show more Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine.Show less
CVE-2008-3547 1Openttd 1Openttd Apr 23, 2026 Mar 10, 2009 N/A· v4 N/A· v3 9.0 HIGH· v2 Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long na...Show more Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for "companies and clients."Show less
CVE-2008-3577 1Openttd 1Openttd Apr 23, 2026 Aug 10, 2008 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Buffer overflow in src/openttd.cpp in OpenTTD before 0.6.2 allows local users to execute arbitrary code via a large filename supplied to the "-g" parameter in the ttd_main function. NOTE: it is unlikely that this issue...Show more Buffer overflow in src/openttd.cpp in OpenTTD before 0.6.2 allows local users to execute arbitrary code via a large filename supplied to the "-g" parameter in the ttd_main function. NOTE: it is unlikely that this issue would cross privilege boundaries in typical environments.Show less
CVE-2008-3576 1Openttd 1Openttd Apr 23, 2026 Aug 10, 2008 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in the TruncateString function in src/gfx.cpp in OpenTTD before 0.6.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string. NOTE: so...Show more Buffer overflow in the TruncateString function in src/gfx.cpp in OpenTTD before 0.6.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string. NOTE: some of these details are obtained from third party information.Show less
CVE-2006-1999 1Openttd 1Openttd Apr 16, 2026 Apr 25, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The multiplayer menu in OpenTTD 0.4.7 allows remote attackers to cause a denial of service via a UDP packet with an incorrect size, which causes the client to return to the main menu.
CVE-2006-1998 1Openttd 1Openttd Apr 16, 2026 Apr 25, 2006 N/A· v4 N/A· v3 2.1 LOW· v2 OpenTTD 0.4.7 and earlier allows local users to cause a denial of service (application exit) via a large invalid error number, which triggers an error.
CVE-2005-2764 1Openttd 1Openttd Apr 16, 2026 Sep 21, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple buffer overflows in OpenTTD before 0.4.0.1 allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
CVE-2005-2763 1Openttd 1Openttd Apr 16, 2026 Sep 6, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple format string vulnerabilities in OpenTTD before 0.4.0.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.