OpenTTD 0.7.2

CPE Details

OpenTTD 0.7.2
openttd
openttd
0.7.2
2010-07-28
14h43 +00:00
2014-06-30
15h15 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:openttd:openttd:0.7.2:*:*:*:*:*:*:*

Informations

Vendor

openttd

Product

openttd

Version

0.7.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2012-0049 2019-11-07 16h13 +00:00 OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server.
4.3
Medium
CVE-2013-6411 2013-12-14 16h00 +00:00 The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map.
5
CVE-2012-3436 2012-10-09 16h00 +00:00 OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to "the water/coast aspect of tiles which also have railtracks on one half."
5
CVE-2012-0048 2012-08-25 10h00 +00:00 OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a "slow read" attack.
4.3
CVE-2011-3341 2011-09-08 16h00 +00:00 Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command.
7.5
CVE-2011-3342 2011-09-08 16h00 +00:00 Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame.
7.5
CVE-2011-3343 2011-09-08 16h00 +00:00 Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file.
4.6
CVE-2010-2534 2010-07-27 20h00 +00:00 The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted request, related to the client command queue.
5
CVE-2010-0401 2010-05-04 18h00 +00:00 OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending a company password packet.
6.5
CVE-2010-0402 2010-05-04 18h00 +00:00 OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command.
6.5
CVE-2010-0406 2010-05-04 18h00 +00:00 OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map.
4
CVE-2009-4007 2009-12-28 18h00 +00:00 Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine.
5