Lucene search

RedhatCVE-2012-3436

HistoryOct 09, 2012 - 6:55 p.m.

CVE-2012-3436

2012-10-0918:55:00

CWE-20

redhat

web.nvd.nist.gov

cve-2012-3436

openttd

denial of service

null pointer dereference

server crash

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

4.4

Confidence

High

EPSS

0.056

Percentile

93.3%

JSON

OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to “the water/coast aspect of tiles which also have railtracks on one half.”

Affected configurations

Nvd

Node

openttdopenttdMatch0.6.0

openttdopenttdMatch0.6.1

openttdopenttdMatch0.6.2

openttdopenttdMatch0.6.3

openttdopenttdMatch0.7.0

openttdopenttdMatch0.7.1

openttdopenttdMatch0.7.2

openttdopenttdMatch0.7.3

openttdopenttdMatch0.7.4

openttdopenttdMatch0.7.5

openttdopenttdMatch1.0.0

openttdopenttdMatch1.0.0beta1

openttdopenttdMatch1.0.0beta2

openttdopenttdMatch1.0.0beta3

openttdopenttdMatch1.0.0beta4

openttdopenttdMatch1.0.0rc1

openttdopenttdMatch1.0.0rc2

openttdopenttdMatch1.0.0rc3

openttdopenttdMatch1.0.1

openttdopenttdMatch1.0.1rc1

openttdopenttdMatch1.0.1rc2

openttdopenttdMatch1.0.2

openttdopenttdMatch1.0.2rc1

openttdopenttdMatch1.0.3

openttdopenttdMatch1.0.3rc1

openttdopenttdMatch1.0.4

openttdopenttdMatch1.0.4rc1

openttdopenttdMatch1.0.5

openttdopenttdMatch1.0.5rc1

openttdopenttdMatch1.0.5rc2

openttdopenttdMatch1.1.0

openttdopenttdMatch1.1.1

openttdopenttdMatch1.1.2

openttdopenttdMatch1.1.3

openttdopenttdMatch1.1.4

openttdopenttdMatch1.1.5

openttdopenttdMatch1.2.0

openttdopenttdMatch1.2.1

VendorProductVersionCPE
openttdopenttd0.6.0cpe:2.3:a:openttd:openttd:0.6.0:*:*:*:*:*:*:*
openttdopenttd0.6.1cpe:2.3:a:openttd:openttd:0.6.1:*:*:*:*:*:*:*
openttdopenttd0.6.2cpe:2.3:a:openttd:openttd:0.6.2:*:*:*:*:*:*:*
openttdopenttd0.6.3cpe:2.3:a:openttd:openttd:0.6.3:*:*:*:*:*:*:*
openttdopenttd0.7.0cpe:2.3:a:openttd:openttd:0.7.0:*:*:*:*:*:*:*
openttdopenttd0.7.1cpe:2.3:a:openttd:openttd:0.7.1:*:*:*:*:*:*:*
openttdopenttd0.7.2cpe:2.3:a:openttd:openttd:0.7.2:*:*:*:*:*:*:*
openttdopenttd0.7.3cpe:2.3:a:openttd:openttd:0.7.3:*:*:*:*:*:*:*
openttdopenttd0.7.4cpe:2.3:a:openttd:openttd:0.7.4:*:*:*:*:*:*:*
openttdopenttd0.7.5cpe:2.3:a:openttd:openttd:0.7.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
openttd	openttd	0.6.0	cpe:2.3:a:openttd:openttd:0.6.0:::::::*
openttd	openttd	0.6.1	cpe:2.3:a:openttd:openttd:0.6.1:::::::*
openttd	openttd	0.6.2	cpe:2.3:a:openttd:openttd:0.6.2:::::::*
openttd	openttd	0.6.3	cpe:2.3:a:openttd:openttd:0.6.3:::::::*
openttd	openttd	0.7.0	cpe:2.3:a:openttd:openttd:0.7.0:::::::*
openttd	openttd	0.7.1	cpe:2.3:a:openttd:openttd:0.7.1:::::::*
openttd	openttd	0.7.2	cpe:2.3:a:openttd:openttd:0.7.2:::::::*
openttd	openttd	0.7.3	cpe:2.3:a:openttd:openttd:0.7.3:::::::*
openttd	openttd	0.7.4	cpe:2.3:a:openttd:openttd:0.7.4:::::::*
openttd	openttd	0.7.5	cpe:2.3:a:openttd:openttd:0.7.5:::::::*