VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Aug 10, 2008· Updated Apr 23, 2026

CVE-2008-3577

CVE-2008-3577

Description

Buffer overflow in src/openttd.cpp in OpenTTD before 0.6.2 allows local users to execute arbitrary code via a large filename supplied to the "-g" parameter in the ttd_main function. NOTE: it is unlikely that this issue would cross privilege boundaries in typical environments.

Affected products

48
  • OpenTTD/Openttd48 versions
    cpe:2.3:a:openttd:openttd:0.1.1:*:*:*:*:*:*:*+ 47 more
    • cpe:2.3:a:openttd:openttd:0.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.3.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.4.6:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.4.7:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.4.8:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.4.8:rc1:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.4.8:rc2:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.5.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.5.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.5.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.5.0:rc4:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.5.0:rc5:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.5.1:rc1:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.5.1:rc2:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.5.1:rc3:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.5.2:rc1:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.5.3:rc1:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.5.3:rc2:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.5.3:rc3:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.6.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.6.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.6.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.6.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.6.0:beta5:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.6.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.6.1:rc1:*:*:*:*:*:*
    • cpe:2.3:a:openttd:openttd:0.6.1:rc2:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

7

News mentions

0

No linked articles in our index yet.