Vulnerabilities > Openttd > Openttd > 1.1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-07 | CVE-2012-0049 | Resource Exhaustion vulnerability in multiple products OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server. | 4.0 |
| 2013-12-14 | CVE-2013-6411 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Openttd The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map. | 5.0 |
| 2012-10-09 | CVE-2012-3436 | Improper Input Validation vulnerability in Openttd OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to "the water/coast aspect of tiles which also have railtracks on one half." | 5.0 |
| 2011-09-08 | CVE-2011-3343 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Openttd Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file. | 4.6 |
| 2011-09-08 | CVE-2011-3342 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Openttd Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame. | 7.5 |
| 2011-09-08 | CVE-2011-3341 | Numeric Errors vulnerability in Openttd Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command. | 7.5 |