{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-12-23T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2009-12-31T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp"}, {"name": "37487", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/37487"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://binaries.openttd.org/releases/0.7.5/changelog.txt"}, {"name": "61356", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/61356"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.openttd.org/en/news/112"}, {"name": "[oss-security] 20091224 OpenTTD remote DoS", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2009/12/24/1"}, {"name": "37929", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/37929"}, {"name": "37984", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/37984"}, {"name": "ADV-2009-3645", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/3645"}, {"name": "FEDORA-2010-0135", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html"}, {"name": "FEDORA-2010-0144", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-4007", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp", "refsource": "CONFIRM", "url": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp"}, {"name": "37487", "refsource": "BID", "url": "http://www.securityfocus.com/bid/37487"}, {"name": "http://binaries.openttd.org/releases/0.7.5/changelog.txt", "refsource": "CONFIRM", "url": "http://binaries.openttd.org/releases/0.7.5/changelog.txt"}, {"name": "61356", "refsource": "OSVDB", "url": "http://osvdb.org/61356"}, {"name": "http://www.openttd.org/en/news/112", "refsource": "CONFIRM", "url": "http://www.openttd.org/en/news/112"}, {"name": "[oss-security] 20091224 OpenTTD remote DoS", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2009/12/24/1"}, {"name": "37929", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37929"}, {"name": "37984", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37984"}, {"name": "ADV-2009-3645", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/3645"}, {"name": "FEDORA-2010-0135", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html"}, {"name": "FEDORA-2010-0144", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-4007", "datePublished": "2009-12-28T19:00:00", "dateReserved": "2009-11-19T00:00:00", "dateUpdated": "2009-12-31T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openttd:openttd:*:*:*:*:*:*:*:*", "matchCriteriaId": "83637063-4C40-411C-B890-F76945A21EB2", "versionEndIncluding": "0.7.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "499EFCAE-9309-4C26-A846-10396CBC628D", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "6908E44D-3553-430D-B870-266971DC0D17", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "DEBDEF33-48E4-42F4-A725-838DA9191334", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "422B0D3E-503C-4CA6-83B9-4FC58BA898C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "46557BD6-66A0-4892-9468-687A4B63F5B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "6A186C5E-ACAA-47C8-9FA0-133E9D7F2900", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "24094775-BAF9-4C2E-8C38-86916E22B5A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "B7CF73FA-09F6-4CE5-932E-BA6B43D66F1B", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "77E87583-5769-4114-94F7-043897DA0FC6", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "718E8C39-A59C-4576-B00D-31A8F0C1762C", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "83B1A7D7-D920-41F3-8DE9-D39007DDDEFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "327B826F-0F4E-420D-8C93-4551A4B9F190", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "FE12C455-5CA0-4581-A3F3-CC8867CCEEE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "5DC5E23E-3A14-49B4-A676-AAA96F25D01D", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "8520357A-27AF-4F48-9095-773F75AAC408", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F65EA852-3C46-47D6-8D6B-DC3546165CC1", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4441B6D-1A48-4DD4-AAAB-FC3B5F00DE4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "985D96E7-0BAE-46DF-A1E2-BD4585C6CABF", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "73062670-5CB9-4AB8-B45D-21E0D557FD49", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "876A0BCB-F792-4A21-85AB-5D7D63C3E987", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "97BFB677-F29E-451E-855A-452F8AE0A9D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.4.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "99308463-E1A6-4018-819E-29043BFE8886", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.4.8:rc2:*:*:*:*:*:*", "matchCriteriaId": "C9E8C9AB-C303-4FB0-AD1D-C7EE4E93E347", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "DF5AEFDA-322E-49CD-AE94-82020B9B7AE2", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.5.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "6AF50B50-ED50-4BCD-8BAE-9161911A0FCF", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.5.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "E3485EF5-F3DF-4622-92D9-B092F46D5AFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.5.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "12EB77E6-94D0-4980-B392-59ACABEDB8D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.5.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "3051AB9F-5C64-4D95-805F-8575B5BD39D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.5.0:rc5:*:*:*:*:*:*", "matchCriteriaId": "494DD878-5854-49DC-A0E1-2904D70582EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "BFD07BE5-47E4-47E6-B6A2-CEC2BCC3E383", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.5.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "1A5AA729-0198-4644-9810-E501C3C47EE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.5.1:rc2:*:*:*:*:*:*", "matchCriteriaId": "1D5EC680-4686-4C04-957E-B597A1563F1B", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.5.1:rc3:*:*:*:*:*:*", "matchCriteriaId": "F2C02877-6FE8-4C98-9AB6-5E4D1AC49FFF", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "89325227-4E0A-49FA-83C1-D0D5E2CEF45D", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.5.2:rc1:*:*:*:*:*:*", "matchCriteriaId": "21763CB0-1FFA-4FF4-AA6F-47614E8BEEB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "A151DBA9-3A94-431F-BC22-C86E4268263B", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.5.3:rc1:*:*:*:*:*:*", "matchCriteriaId": "7246859E-A6CF-4617-A37A-BF17849D43F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.5.3:rc2:*:*:*:*:*:*", "matchCriteriaId": "85FA63BC-2292-49F8-A0E1-34C8497236C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.5.3:rc3:*:*:*:*:*:*", "matchCriteriaId": "78365F07-CF44-48FD-B048-2F510D147D0A", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CBAD231-4365-4A5F-9FD8-1EE13F7FC8A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.6.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B052159B-4CFF-47DE-A1B7-35C467AD73BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.6.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "BDF5228B-B99A-4E4E-A66F-59275A36B28E", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.6.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "5E5F1FE7-ADCB-42AD-AB99-0F17AD8E2FE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.6.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "CD6E4B8D-6C12-4053-A8D2-F64F92AF733A", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.6.0:beta5:*:*:*:*:*:*", "matchCriteriaId": "9B9BDCD3-85B9-4C17-B625-FC7F62450FB4", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.6.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "8648A48E-BCF9-4B34-B1FF-16B780C2797D", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "3B0C66D6-F933-43B1-8BC0-72625E70442C", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.6.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "72070978-F3B9-46D6-A3FD-0932D751AD86", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.6.1:rc2:*:*:*:*:*:*", "matchCriteriaId": "5D6483EA-FC98-4367-A34B-795F858815E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.6.2:rc1:*:*:*:*:*:*", "matchCriteriaId": "DAE2A501-3F40-4BFD-B600-AD122BB8EFD4", "vulnerable": true}, {"criteria": "cpe:2.3:a:openttd:openttd:0.6.2:rc2:*:*:*:*:*:*", "matchCriteriaId": "D49CDF39-F0F2-4B48-87FC-4F984D439497", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine."}, {"lang": "es", "value": "Vulnerabilidad no especificada en la funci\u00f3n NormaliseTrainConsist en src/train_cmd.cpp en OpenTTD versiones anteriores a v0.7.5-RC1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (parada del demonio) mediante ciertas acciones del juego relacionadas con un vag\u00f3n y una m\u00e1quina con doble motor."}], "id": "CVE-2009-4007", "lastModified": "2010-03-26T05:34:56.640", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-12-28T19:30:00.360", "references": [{"source": "cve@mitre.org", "url": "http://binaries.openttd.org/releases/0.7.5/changelog.txt"}, {"source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html"}, {"source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/61356"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/37929"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/37984"}, {"source": "cve@mitre.org", "url": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.openttd.org/en/news/112"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2009/12/24/1"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/37487"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2009/3645"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}