FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

OpenTTD -- Denial of service via improperly validated commands

Affected packages
0.3.5 <= openttd < 1.1.3

Details

VuXML ID e77befb5-f3f9-11e0-8b5c-b482fe3f522d
Discovery 2011-08-25
Entry 2011-10-16

The OpenTTD Team reports:

Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command.

References

CVE Name CVE-2011-3341
URL http://security.openttd.org/en/CVE-2011-3341