DEBIAN-CVE-2010-4168
- Source
- https://security-tracker.debian.org/tracker/CVE-2010-4168
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2010-4168.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2010-4168
- Upstream
- Published
- 2010-11-17T16:00:37Z
- Modified
- 2025-10-14T05:01:23Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to network/networkserver.cpp; (2) remote attackers to cause a denial of service (invalid read and daemon crash) by abruptly disconnecting, related to network/networkserver.cpp; and (3) remote servers to cause a denial of service (invalid read and application crash) by forcing a disconnection during the join process, related to network/network.cpp.
- References
Affected packages
Debian:11 / openttd
Package
- Name
- openttd
- Purl
- pkg:deb/debian/openttd?arch=source
Debian:12 / openttd
Package
- Name
- openttd
- Purl
- pkg:deb/debian/openttd?arch=source
Debian:13 / openttd
Package
- Name
- openttd
- Purl
- pkg:deb/debian/openttd?arch=source
Debian:14 / openttd
Package
- Name
- openttd
- Purl
- pkg:deb/debian/openttd?arch=source