Buffer overflow in src/openttd.cpp in OpenTTD before 0.6.2 allows local users to execute arbitrary code via a large filename supplied to the "-g" parameter in the ttd_main function. NOTE: it is unlikely that this issue would cross privilege boundaries in typical environments.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P
Vendors Products
Openttd
  • Openttd

Configuration 1 [-]

OR cpe:2.3:a:openttd:openttd:0.1.1:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.1.2:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.1.3:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.1.4:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.2.0:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.2.1:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.3.2:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.3.3:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.3.4:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.3.5:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.3.6:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.4.5:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.4.6:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.4.7:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.4.8:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.4.8:rc1:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.4.8:rc2:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.5.0:rc1:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.5.0:rc2:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.5.0:rc3:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.5.0:rc4:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.5.0:rc5:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.5.1:rc1:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.5.1:rc2:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.5.1:rc3:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.5.2:rc1:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.5.3:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.5.3:rc1:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.5.3:rc2:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.5.3:rc3:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.6.0:beta1:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.6.0:beta2:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.6.0:beta3:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.6.0:beta4:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.6.0:beta5:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.6.0:rc1:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.6.1:rc1:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:0.6.1:rc2:*:*:*:*:*:*
References
Link Resource
http://bugs.gentoo.org/show_bug.cgi?id=233929
http://secunia.com/advisories/34161
http://security.gentoo.org/glsa/glsa-200903-09.xml
http://sourceforge.net/project/shownotes.php?release_id=617243
http://www.securityfocus.com/bid/30525
http://www.vupen.com/english/advisories/2008/2285
https://exchange.xforce.ibmcloud.com/vulnerabilities/44436
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2008-08-10T21:00:00

Updated: 2017-08-07T12:57:01

Reserved: 2008-08-10T00:00:00

Link: CVE-2008-3577

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2008-08-10T21:41:00.000

Modified: 2017-08-08T01:31:59.983

Link: CVE-2008-3577

JSON object: View

cve-icon Redhat Information

No data.

CWE