FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2013-6411

This CVE name corresponds to:

Entered Topic
2013-11-28 OpenTTD -- Denial of service using forcefully crashed aircrafts

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2013-6411 at cve.mitre.org

Details

Type Candidate
Name CVE-2013-6411
Phase Assigned(20131104)

Description

The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map.

References

Source Reference
MLIST [oss-security] 20131129 Re: CVE request for OpenTTD
CONFIRM http://bugs.openttd.org/task/5820
CONFIRM http://vcs.openttd.org/svn/changeset/26134
CONFIRM https://security.openttd.org/en/CVE-2013-6411
SUSE openSUSE-SU-2013:1932
BID 64003
SECUNIA 55589
SECUNIA 56218
XF openttd-cve20136411-dos(89334)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.