OpenTTD | Security

Security tracker

This page lists all known vulnerabilities of OpenTTD with an explanation and patches for vulnerable versions.

The list given here is by no means a full list of vulnerabilities. Many vulnerabilities might have been fixed without us being aware of it being a vulnerability in the first place. The list does contain all vulnerabilities that have a CVE number.

Even though we provide some patches for older versions, we advise to use newer versions of OpenTTD.

name	description	first vulnerable	first fixed
1.2.0 - 1.3.2.patch
1.0.0 - 1.1.5.patch
0.6.0 - 0.7.3.patch
0.3.6 - 0.5.3.patch
CVE-2013-6411	Denial of service (server) using forcefully crashed aircrafts.	0.3.6	1.3.3
1.2.0 - 1.2.1.patch
1.1.0 - 1.1.5.patch
1.0.0 - 1.0.5.patch
0.7.0 - 0.7.5.patch
0.6.0 - 0.6.3.patch
CVE-2012-3436	Denial of service (server) using ships on half tiles and landscaping.	0.6.0	1.2.2
1.1.0 - 1.1.4.patch
1.0.2 - 1.0.5.patch
1.0.1 - 1.0.1.patch
1.0.0 - 1.0.0.patch
0.7.0 - 0.7.5.patch
0.6.0 - 0.6.3.patch
CVE-2012-0049	Denial of service (server) via slow read attack	0.3.5	1.1.5
1.1.0 - 1.1.2.patch
1.0.0 - 1.0.5.patch
0.7.0 - 0.7.5.patch
0.6.0 - 0.6.3.patch
0.5.0 - 0.5.3.patch
0.4.5 - 0.4.8.patch
0.3.1 - 0.4.0.1.patch
CVE-2011-3343	Multiple buffer overflows in validation of external data	0.1.0	1.1.3
1.1.2 - 1.1.2.patch
1.1.0 - 1.1.1.patch
1.0.5 - 1.0.5.patch
1.0.0 - 1.0.4.patch
0.7.0 - 0.7.5.patch
0.6.0 - 0.6.3.patch
0.5.0 - 0.5.3.patch
CVE-2011-3342	Buffer overflows in savegame loading	0.1.0	1.1.3
1.1.0 - 1.1.2.patch
1.0.1 - 1.0.5.patch
1.0.0 - 1.0.0.patch
0.7.0 - 0.7.5.patch
0.6.0 - 0.6.3.patch
0.3.5 - 0.5.3.patch
CVE-2011-3341	Denial of service via improperly validated commands	0.3.5	1.1.3
1.0.0 - 1.0.4.patch
CVE-2010-4168	Denial of service (server/client) via invalid read	1.0.0	1.0.5
1.0.1 - 1.0.2.patch
CVE-2010-2534	Denial of service (server) via infinite loop	1.0.1	1.0.3
0.6.0 - 1.0.0.patch
0.3.5 - 0.5.3.patch
CVE-2010-0406	Denial of service (server) via leaking file descriptors	0.3.5	1.0.1
1.0.0 - 1.0.0.patch
0.7.0 - 0.7.5.patch
0.6.0 - 0.6.3.patch
CVE-2010-0402	Denial of service via improperly validated commands	0.3.5	1.0.1
0.7.0 - 1.0.0.patch
0.6.0 - 0.6.3.patch
0.5.1 - 0.5.3.patch
0.3.5 - 0.5.0.patch
CVE-2010-0401	Access restriction circumvention, remote crash	0.3.5	1.0.1
0.6.0 - 0.7.4.patch
CVE-2009-4007	Denial of service (server) using wagons and dual-headed engine	0.6.0	0.7.5
0.6.0 - 0.6.1.patch
0.4.5 - 0.5.3.patch
0.3.4 - 0.4.0.1.patch
0.1.0 - 0.3.3.patch
CVE-2008-3577	Buffer overflow in "-g" parameter handling	0.1.0	0.6.2
0.6.0 - 0.6.1.patch
0.5.0 - 0.5.3.patch
0.4.5 - 0.4.8.patch
CVE-2008-3576	Buffer overflow in string truncation.	0.4.5	0.6.2
0.6.0 - 0.6.1.patch
0.3.5 - 0.5.3.patch
CVE-2008-3547	Denial of service (server) via UDP request	0.3.5	0.6.2
0.3.5 - 0.4.7.patch
CVE-2006-1999	Denial of service (client) via UDP packet with incorrect size	0.3.5	0.4.8
0.4.5 - 0.4.7.patch
0.4.0 - 0.4.0.1.patch
0.3.5 - 0.3.5.patch
CVE-2006-1998	Denial of service (server) via invalid error number	0.3.5	0.4.8
0.3.5 - 0.4.0.1.patch
CVE-2005-2764	Multiple buffer overflows	0.1.0	0.4.5
0.4.0 - 0.4.0.1.patch
0.3.5 - 0.3.5.patch
CVE-2005-2763	Multiple format string vulnerabilities	0.3.5	0.4.5