返回 CVE 瀏覽器

CVE-2008-3576

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0350%

EPSS Percentile16.77th

Published2008年8月10日

Last Modified2026年4月23日

Vulnerability Description

Buffer overflow in the TruncateString function in src/gfx.cpp in OpenTTD before 0.6.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string. NOTE: some of these details are obtained from third party information.

Affected Platforms (CPE)

📦

Openttd

Openttd

<= 0.6.2-rc2

📦

Openttd

Openttd

= 0.6.1

📦

Openttd

Openttd

= 0.6.2-rc1

References & Advisories

🔗 http://bugs.gentoo.org/show_bug.cgi?id=233929

🔗 http://secunia.com/advisories/31350

🔗 http://secunia.com/advisories/34161

🔗 http://security.gentoo.org/glsa/glsa-200903-09.xml

🔗 http://sourceforge.net/project/shownotes.php?release_id=617243

🔗 http://www.openttd.org/index.php

🔗 http://www.securityfocus.com/bid/30525

🔗 http://www.vupen.com/english/advisories/2008/2285

相關漏洞威脅

CVE-2008-35479.0

Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persist...

CVE-2005-27637.5

Multiple format string vulnerabilities in OpenTTD before 0.4.0.1 allow remote attackers to cause a denial of service (crash) and p...

CVE-2005-27647.5

Multiple buffer overflows in OpenTTD before 0.4.0.1 allow attackers to cause a denial of service (crash) and possibly execute arbi...

CVE-2010-41687.5

Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (inv...

CVE-2008-3576 Detail & Impact Analysis | CVSS 10.0 (CRITICAL) | Cyber-Sec.Space | Cyber-Sec.Space