CVE-2009-4007

Name of the Vulnerable Software and Affected Versions OpenTTD versions prior to 0.7.5-RC1

Description The issue is related to an unspecified vulnerability in the NormaliseTrainConsist function, which can be exploited by remote attackers to cause a denial of service, resulting in a daemon crash. This can be achieved through certain game actions involving a wagon and a dual-headed engine.

Recommendations For versions prior to 0.7.5-RC1, update to version 0.7.5-RC1 or later to resolve the issue. As a temporary workaround, consider restricting game actions involving wagons and dual-headed engines to minimize the risk of exploitation.