Total vulnerabilities in the database
OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to "the water/coast aspect of tiles which also have railtracks on one half."
| Software | From | Fixed in |
|---|---|---|
| openttd / openttd | 1.0.0-beta2 | 1.0.0-beta2.x |
| openttd / openttd | 1.0.5 | 1.0.5.x |
| openttd / openttd | 0.7.3 | 0.7.3.x |
| openttd / openttd | 1.0.0 | 1.0.0.x |
| openttd / openttd | 1.0.0-beta4 | 1.0.0-beta4.x |
| openttd / openttd | 0.7.0 | 0.7.0.x |
| openttd / openttd | 1.0.4 | 1.0.4.x |
| openttd / openttd | 1.1.3 | 1.1.3.x |
| openttd / openttd | 1.1.0 | 1.1.0.x |
| openttd / openttd | 1.0.5-rc2 | 1.0.5-rc2.x |
| openttd / openttd | 0.7.2 | 0.7.2.x |
| openttd / openttd | 1.1.1 | 1.1.1.x |
| openttd / openttd | 1.1.4 | 1.1.4.x |
| openttd / openttd | 1.0.3 | 1.0.3.x |
| openttd / openttd | 1.0.0-rc2 | 1.0.0-rc2.x |
| openttd / openttd | 1.0.1-rc2 | 1.0.1-rc2.x |
| openttd / openttd | 0.6.0 | 0.6.0.x |
| openttd / openttd | 1.0.1-rc1 | 1.0.1-rc1.x |
| openttd / openttd | 1.2.1 | 1.2.1.x |
| openttd / openttd | 0.7.5 | 0.7.5.x |
| openttd / openttd | 0.7.1 | 0.7.1.x |
| openttd / openttd | 1.1.5 | 1.1.5.x |
| openttd / openttd | 1.0.0-beta3 | 1.0.0-beta3.x |
| openttd / openttd | 0.6.1 | 0.6.1.x |
| openttd / openttd | 1.0.4-rc1 | 1.0.4-rc1.x |
| openttd / openttd | 1.0.0-rc1 | 1.0.0-rc1.x |
| openttd / openttd | 1.0.0-beta1 | 1.0.0-beta1.x |
| openttd / openttd | 0.7.4 | 0.7.4.x |
| openttd / openttd | 1.0.3-rc1 | 1.0.3-rc1.x |
| openttd / openttd | 1.0.2-rc1 | 1.0.2-rc1.x |
| openttd / openttd | 1.2.0 | 1.2.0.x |
| openttd / openttd | 1.0.1 | 1.0.1.x |
| openttd / openttd | 0.6.2 | 0.6.2.x |
| openttd / openttd | 0.6.3 | 0.6.3.x |
| openttd / openttd | 1.0.2 | 1.0.2.x |
| openttd / openttd | 1.0.5-rc1 | 1.0.5-rc1.x |
| openttd / openttd | 1.1.2 | 1.1.2.x |
| openttd / openttd | 1.0.0-rc3 | 1.0.0-rc3.x |