Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3343

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2011-3343
Last Modified 18 Jan 2012 10:59:26
Published 08 Sep 2011 02:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2011-3343

Summary

Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file.

Vulnerable Systems

Application

  • Openttd 0.1.1

  • Openttd 0.1.2

  • Openttd 0.1.3

  • Openttd 0.1.4

  • Openttd 0.2.0

  • Openttd 0.2.1

  • Openttd 0.3.0

  • Openttd 0.3.1

  • Openttd 0.3.2

  • Openttd 0.3.2.1

  • Openttd 0.3.3

  • Openttd 0.3.4

  • Openttd 0.3.5

  • Openttd 0.3.6

  • Openttd 0.3.7

  • Openttd 0.4.0

  • Openttd 0.4.0.1

  • Openttd 0.4.5

  • Openttd 0.4.6

  • Openttd 0.4.7

  • Openttd 0.4.8

  • Openttd 0.5.0

  • Openttd 0.5.1

  • Openttd 0.5.2

  • Openttd 0.5.3

  • Openttd 0.6.0

  • Openttd 0.6.1

  • Openttd 0.6.2

  • Openttd 0.6.3

  • Openttd 0.7.0

  • Openttd 0.7.1

  • Openttd 0.7.2

  • Openttd 0.7.3

  • Openttd 0.7.4

  • Openttd 0.7.5

  • Openttd 1.0.0

  • Openttd 1.0.1

  • Openttd 1.0.2

  • Openttd 1.0.3

  • Openttd 1.0.4

  • Openttd 1.0.5

  • Openttd 1.1.0

  • Openttd 1.1.1

  • Openttd 1.1.2


References

MLIST - [oss-security] 20110906 Re: CVE request for OpenTTD

MLIST - [oss-security] 20110902 CVE request for OpenTTD

CONFIRM - http://bugs.openttd.org/task/4747

CONFIRM - http://bugs.openttd.org/task/4746

BID - 49439

SECUNIA - 46075

FEDORA - FEDORA-2011-12975

CONFIRM - http://security.openttd.org/en/CVE-2011-3343

DEBIAN - DSA-2386


Last Updated: 27 May 2016 10:58:01