Security tracker

This page lists all known vulnerabilities of OpenTTD with an explanation and patches for vulnerable versions.

The list given here is by no means a full list of vulnerabilities. Many vulnerabilities might have been fixed without us being aware that they were vulnerabilities in the first place. The list does contain all vulnerabilities that have a CVE number.

Even though we provide some patches for older versions, we advise using newer versions of OpenTTD.

| Name | Description | First vulnerable | First fixed |
|---|---|---|---|
| CVE-2013-6411 | Denial of service (server) using forcefully crashed aircraft | 0.3.6 | 1.3.3 |
| CVE-2012-3436 | Denial of service (server) using ships on half tiles and landscaping | 0.6.0 | 1.2.2 |
| CVE-2012-0049 | Denial of service (server) via slow read attack | 0.3.5 | 1.1.5 |
| CVE-2011-3343 | Multiple buffer overflows in validation of external data | 0.1.0 | 1.1.3 |
| CVE-2011-3342 | Buffer overflows in savegame loading | 0.1.0 | 1.1.3 |
| CVE-2011-3341 | Denial of service via improperly validated commands | 0.3.5 | 1.1.3 |
| CVE-2010-4168 | Denial of service (server/client) via invalid read | 1.0.0 | 1.0.5 |
| CVE-2010-2534 | Denial of service (server) via infinite loop | 1.0.1 | 1.0.3 |
| CVE-2010-0406 | Denial of service (server) via leaking file descriptors | 0.3.5 | 1.0.1 |
| CVE-2010-0402 | Denial of service via improperly validated commands | 0.3.5 | 1.0.1 |
| CVE-2010-0401 | Access restriction circumvention, remote crash | 0.3.5 | 1.0.1 |
| CVE-2009-4007 | Denial of service (server) using wagons and dual-headed engine | 0.6.0 | 0.7.5 |
| CVE-2008-3577 | Buffer overflow in "-g" parameter handling | 0.1.0 | 0.6.2 |
| CVE-2008-3576 | Buffer overflow in string truncation | 0.4.5 | 0.6.2 |
| CVE-2008-3547 | Denial of service (server) via UDP request | 0.3.5 | 0.6.2 |
| CVE-2006-1999 | Denial of service (client) via UDP packet with incorrect size | 0.3.5 | 0.4.8 |
| CVE-2006-1998 | Denial of service (server) via invalid error number | 0.3.5 | 0.4.8 |
| CVE-2005-2764 | Multiple buffer overflows | 0.1.0 | 0.4.5 |
| CVE-2005-2763 | Multiple format string vulnerabilities | 0.3.5 | 0.4.5 |