CVE-2008-3576

Name of the Vulnerable Software and Affected Versions OpenTTD versions prior to 0.6.2

Description The issue is related to a buffer overflow in the TruncateString function, located in src/gfx.cpp. This can be exploited by remote attackers using a crafted string, potentially leading to a denial of service (daemon crash) or possibly the execution of arbitrary code.

Recommendations For versions prior to 0.6.2, update to version 0.6.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the TruncateString function in src/gfx.cpp to minimize the risk of exploitation.