Michael Lutz

**Name of the Vulnerable Software and Affected Versions** OpenTTD versions prior to 1.1.3 **Description** The issue is caused by multiple off-by-one errors in the order cmd.cpp file, allowing remote attackers to potentially execute arbitrary code or cause a denial of service by crashing the daemon. This can be achieved by sending a crafted CMD INSERT ORDER command. **Recommendations** For versions prior to 1.1.3, update to version 1.1.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** OpenTTD versions prior to 1.1.3 **Description** The issue is related to multiple buffer overflows that can be triggered by loading specific chunks from a savegame, including `NAME`, `PLYR`, `CHTS`, or `AIPL` (also known as AI config). This can cause a denial of service, resulting in a daemon crash, or potentially allow the execution of arbitrary code. **Recommendations** For versions prior to 1.1.3, update to version 1.1.3 or later to resolve the issue. As a temporary workaround, consider restricting the loading of savegames from untrusted sources to minimize the risk of exploitation.