CVE-2013-6411

OpenTTD 0.3.6-1.3.2 - Denial of Service via Aircraft Crash Outside Map

Title source: llm
STIX 2.1

Description

The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map.

References (9)

Core 9
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/56218
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/89334
Mailing List vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2013-12/msg00095.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/55589
Exploit, Patch x_refsource_confirm
http://vcs.openttd.org/svn/changeset/26134
Various Sources x_refsource_confirm
https://security.openttd.org/en/CVE-2013-6411
Mailing List mailing-list x_refsource_mlist
http://seclists.org/oss-sec/2013/q4/375
Various Sources x_refsource_confirm
http://bugs.openttd.org/task/5820
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/64003

Scores

EPSS 0.0331
EPSS Percentile 87.1%

Details

CWE
CWE-119
Status published
Products (36)
openttd/openttd 0.3.6
openttd/openttd 0.4.0
openttd/openttd 0.4.0.1
openttd/openttd 0.4.5
openttd/openttd 0.4.6
openttd/openttd 0.4.7
openttd/openttd 0.4.8
openttd/openttd 0.5.0
openttd/openttd 0.5.1
openttd/openttd 0.5.2
... and 26 more
Published Dec 14, 2013
Tracked Since Feb 18, 2026