Lines 34-39
Link Here
|
34 |
|
34 |
|
35 |
--> |
35 |
--> |
36 |
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> |
36 |
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> |
|
|
37 |
<vuln vid="9bad5ab1-f3f6-11e0-8b5c-b482fe3f522d"> |
38 |
<topic>OpenTTD -- Multiple buffer overflows in validation of external data</topic> |
39 |
<affects> |
40 |
<package> |
41 |
<name>openttd</name> |
42 |
<range><ge>0.1.0</ge><lt>1.1.3</lt></range> |
43 |
</package> |
44 |
</affects> |
45 |
<description> |
46 |
<body xmlns="http://www.w3.org/1999/xhtml"> |
47 |
<p>The OpenTTD Team reports:</p> |
48 |
<blockquote cite="http://security.openttd.org/en/CVE-2011-3343"> |
49 |
<p>Multiple buffer overflows in OpenTTD before 1.1.3 allow |
50 |
local users to cause a denial of service (daemon crash) or |
51 |
possibly gain privileges via (1) a crafted BMP file with RLE |
52 |
compression or (2) crafted dimensions in a BMP file.</p> |
53 |
</blockquote> |
54 |
</body> |
55 |
</description> |
56 |
<references> |
57 |
<cvename>CVE-2011-3343</cvename> |
58 |
<url>http://security.openttd.org/en/CVE-2011-3343</url> |
59 |
</references> |
60 |
<dates> |
61 |
<discovery>2011-08-25</discovery> |
62 |
<entry>2011-09-02</entry> |
63 |
</dates> |
64 |
</vuln> |
65 |
<vuln vid="78c25ed7-f3f9-11e0-8b5c-b482fe3f522d"> |
66 |
<topic>OpenTTD -- Buffer overflows in savegame loading</topic> |
67 |
<affects> |
68 |
<package> |
69 |
<name>openttd</name> |
70 |
<range><ge>0.1.0</ge><lt>1.1.3</lt></range> |
71 |
</package> |
72 |
</affects> |
73 |
<description> |
74 |
<body xmlns="http://www.w3.org/1999/xhtml"> |
75 |
<p>The OpenTTD Team reports:</p> |
76 |
<blockquote cite="http://security.openttd.org/en/CVE-2011-3342"> |
77 |
<p>Multiple buffer overflows in OpenTTD before 1.1.3 allow remote |
78 |
attackers to cause a denial of service (daemon crash) or possibly |
79 |
execute arbitrary code via vectors related to (1) NAME, (2) PLYR, |
80 |
(3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame.</p> |
81 |
</blockquote> |
82 |
</body> |
83 |
</description> |
84 |
<references> |
85 |
<cvename>CVE-2011-3342</cvename> |
86 |
<url>http://security.openttd.org/en/CVE-2011-3342</url> |
87 |
</references> |
88 |
<dates> |
89 |
<discovery>2011-08-08</discovery> |
90 |
<entry>2011-08-25</entry> |
91 |
</dates> |
92 |
</vuln> |
93 |
<vuln vid="e77befb5-f3f9-11e0-8b5c-b482fe3f522d"> |
94 |
<topic>OpenTTD -- Denial of service via improperly validated commands</topic> |
95 |
<affects> |
96 |
<package> |
97 |
<name>openttd</name> |
98 |
<range><ge>0.3.5</ge><lt>1.1.3</lt></range> |
99 |
</package> |
100 |
</affects> |
101 |
<description> |
102 |
<body xmlns="http://www.w3.org/1999/xhtml"> |
103 |
<p>The OpenTTD Team reports:</p> |
104 |
<blockquote cite="http://security.openttd.org/en/CVE-2011-3341"> |
105 |
<p>Multiple off-by-one errors in order_cmd.cpp in OpenTTD before |
106 |
1.1.3 allow remote attackers to cause a denial of service (daemon crash) |
107 |
or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command.</p> |
108 |
</blockquote> |
109 |
</body> |
110 |
</description> |
111 |
<references> |
112 |
<cvename>CVE-2011-3341</cvename> |
113 |
<url>http://security.openttd.org/en/CVE-2011-3341</url> |
114 |
</references> |
115 |
<dates> |
116 |
<discovery>2011-08-25</discovery> |
117 |
<entry>2011-08-26</entry> |
118 |
</dates> |
119 |
</vuln> |
37 |
<vuln vid="ab9be2c8-ef91-11e0-ad5a-00215c6a37bb"> |
120 |
<vuln vid="ab9be2c8-ef91-11e0-ad5a-00215c6a37bb"> |
38 |
<topic>quagga -- multiple vulnerabilities</topic> |
121 |
<topic>quagga -- multiple vulnerabilities</topic> |
39 |
<affects> |
122 |
<affects> |