Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3341

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2011-3341
Last Modified 18 Jan 2012 10:59:26
Published 08 Sep 2011 02:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-3341

Summary

Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command.

Vulnerable Systems

Application

  • Openttd 0.1.1

  • Openttd 0.1.2

  • Openttd 0.1.3

  • Openttd 0.1.4

  • Openttd 0.2.0

  • Openttd 0.2.1

  • Openttd 0.3.0

  • Openttd 0.3.1

  • Openttd 0.3.2

  • Openttd 0.3.2.1

  • Openttd 0.3.3

  • Openttd 0.3.4

  • Openttd 0.3.5

  • Openttd 0.3.6

  • Openttd 0.3.7

  • Openttd 0.4.0

  • Openttd 0.4.0.1

  • Openttd 0.4.5

  • Openttd 0.4.6

  • Openttd 0.4.7

  • Openttd 0.4.8

  • Openttd 0.5.0

  • Openttd 0.5.1

  • Openttd 0.5.2

  • Openttd 0.5.3

  • Openttd 0.6.0

  • Openttd 0.6.1

  • Openttd 0.6.2

  • Openttd 0.6.3

  • Openttd 0.7.0

  • Openttd 0.7.1

  • Openttd 0.7.2

  • Openttd 0.7.3

  • Openttd 0.7.4

  • Openttd 0.7.5

  • Openttd 1.0.0

  • Openttd 1.0.1

  • Openttd 1.0.2

  • Openttd 1.0.3

  • Openttd 1.0.4

  • Openttd 1.0.5

  • Openttd 1.1.0

  • Openttd 1.1.1

  • Openttd 1.1.2


References

MLIST - [oss-security] 20110906 Re: CVE request for OpenTTD

MLIST - [oss-security] 20110902 CVE request for OpenTTD

CONFIRM - http://bugs.openttd.org/task/4745/getfile/7707/fixcmds.diff

CONFIRM - http://bugs.openttd.org/task/4745

BID - 49439

SECUNIA - 46075

FEDORA - FEDORA-2011-12975

CONFIRM - http://security.openttd.org/en/CVE-2011-3341

DEBIAN - DSA-2386


Last Updated: 27 May 2016 10:58:00