PT-2010-5333 · Openttd · Openttd

Remko Bijker

Publicado

2010-11-17

Atualizado

2024-06-15

CVE-2010-4168

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions OpenTTD versions 1.0.x through 1.0.4

Description The issue concerns multiple use-after-free vulnerabilities. These vulnerabilities allow remote attackers to cause a denial of service by abruptly disconnecting during transmission of the map from the server, related to network/network server.cpp, or by forcing a disconnection during the join process, related to network/network.cpp. This can result in an invalid write and daemon crash, or an invalid read and daemon or application crash.

Recommendations For OpenTTD versions 1.0.x through 1.0.4, update to version 1.0.5 or later to resolve the issue.

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

CVE-2010-4168

OPENSUSE-SU-2024:10563-1

Produtos afetados

Openttd

PT-2010-5333 · Openttd · Openttd

CVE-2010-4168

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 20