PT-2010-5333 · Openttd · Openttd

Remko Bijker

Published

2010-11-17

Updated

2024-06-15

CVE-2010-4168

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions OpenTTD versions 1.0.x through 1.0.4

Description The issue concerns multiple use-after-free vulnerabilities. These vulnerabilities allow remote attackers to cause a denial of service by abruptly disconnecting during transmission of the map from the server, related to network/network server.cpp, or by forcing a disconnection during the join process, related to network/network.cpp. This can result in an invalid write and daemon crash, or an invalid read and daemon or application crash.

Recommendations For OpenTTD versions 1.0.x through 1.0.4, update to version 1.0.5 or later to resolve the issue.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

CVE-2010-4168

OPENSUSE-SU-2024:10563-1

Affected Products

Openttd

PT-2010-5333 · Openttd · Openttd

CVE-2010-4168

Weakness Enumeration

Related Identifiers

Affected Products

References · 20