Published: 08/09/2011 Updated: 19/01/2012

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

VMScore: 409

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Multiple buffer overflows in OpenTTD prior to 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openttd openttd 1.0.0
openttd openttd 1.0.3
openttd openttd 1.1.0
openttd openttd 1.0.5
openttd openttd 0.7.0
openttd openttd 0.7.2
openttd openttd 0.5.2
openttd openttd 0.7.1
openttd openttd 0.1.2
openttd openttd 0.1.1
openttd openttd 1.0.1
openttd openttd 1.0.4
openttd openttd 1.1.2
openttd openttd 1.1.1
openttd openttd 0.6.0
openttd openttd 0.6.2
openttd openttd 0.6.3
openttd openttd 0.1.3
openttd openttd 0.7.4
openttd openttd 0.5.3
openttd openttd 0.3.0
openttd openttd 0.5.0
openttd openttd 0.5.1
openttd openttd 0.4.0.1
openttd openttd 0.6.1
openttd openttd 0.2.1
openttd openttd 0.3.2.1
openttd openttd 0.3.2
openttd openttd 0.4.0
openttd openttd 0.3.7
openttd openttd 1.0.2
openttd openttd
openttd openttd 0.4.8
openttd openttd 0.7.3
openttd openttd 0.7.5
openttd openttd 0.1.4
openttd openttd 0.2.0
openttd openttd 0.3.4
openttd openttd 0.3.3
openttd openttd 0.4.7
openttd openttd 0.4.6
openttd openttd 0.3.1
openttd openttd 0.3.6
openttd openttd 0.3.5
openttd openttd 0.4.5

Several vulnerabilities have been discovered in OpenTTD, a transport business simulation game Multiple buffer overflows and off-by-one errors allow remote attackers to cause denial of service For the oldstable distribution (lenny), this problem has been fixed in version 062-1+lenny4 For the stable distribution (squeeze), this problem has been ...

CWE-119 http://openwall.com/lists/oss-security/2011/09/02/4 http://bugs.openttd.org/task/4746 http://bugs.openttd.org/task/4747 http://openwall.com/lists/oss-security/2011/09/06/2 http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html http://secunia.com/advisories/46075 http://www.securityfocus.com/bid/49439 http://security.openttd.org/en/CVE-2011-3343 http://www.debian.org/security/2012/dsa-2386 https://nvd.nist.gov https://www.debian.org/security/./dsa-2386

CVE-2011-3343

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect