This page lists all known vulnerabilities of OpenTTD with an explanation and patches for vulnerable versions.

The list given here is by no means a full list of vulnerabilities. Many vulnerabilities might have been fixed without us being aware of it being a vulnerability in the first place. The list does contain all vulnerabilities that have a CVE number.

Even though we provide some patches for older versions, we advise to use newer versions of OpenTTD.

name	description	first vulnerable	first fixed
CVE-2013-6411	Denial of service (server) using forcefully crashed aircrafts.	0.3.6	1.3.3
CVE-2012-3436	Denial of service (server) using ships on half tiles and landscaping.	0.6.0	1.2.2
CVE-2012-0049	Denial of service (server) via slow read attack	0.3.5	1.1.5
CVE-2011-3343	Multiple buffer overflows in validation of external data	0.1.0	1.1.3
CVE-2011-3342	Buffer overflows in savegame loading	0.1.0	1.1.3
CVE-2011-3341	Denial of service via improperly validated commands	0.3.5	1.1.3
CVE-2010-4168	Denial of service (server/client) via invalid read	1.0.0	1.0.5
CVE-2010-2534	Denial of service (server) via infinite loop	1.0.1	1.0.3
CVE-2010-0406	Denial of service (server) via leaking file descriptors	0.3.5	1.0.1
CVE-2010-0402	Denial of service via improperly validated commands	0.3.5	1.0.1
CVE-2010-0401	Access restriction circumvention, remote crash	0.3.5	1.0.1
CVE-2009-4007	Denial of service (server) using wagons and dual-headed engine	0.6.0	0.7.5
CVE-2008-3577	Buffer overflow in "-g" parameter handling	0.1.0	0.6.2
CVE-2008-3576	Buffer overflow in string truncation.	0.4.5	0.6.2
CVE-2008-3547	Denial of service (server) via UDP request	0.3.5	0.6.2
CVE-2006-1999	Denial of service (client) via UDP packet with incorrect size	0.3.5	0.4.8
CVE-2006-1998	Denial of service (server) via invalid error number	0.3.5	0.4.8
CVE-2005-2764	Multiple buffer overflows	0.1.0	0.4.5
CVE-2005-2763	Multiple format string vulnerabilities	0.3.5	0.4.5