CVE-2012-3436
EPSS 2.3%
Description
OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to "the water/coast aspect of tiles which also have railtracks on one half."
How to fix CVE-2012-3436
To remediate CVE-2012-3436, upgrade the affected package to a fixed version below.
- Debian/openttd—upgrade to 1.2.1-2 or later
Is CVE-2012-3436 being exploited?
Low — EPSS is 2.3%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.2.1-2