The multiplayer menu in OpenTTD 0.4.7 allows remote attackers to cause a denial of service via a UDP packet with an incorrect size, which causes the client to return to the main menu.

OpenTTD 0.4.7 and earlier allows local users to cause a denial of service (application exit) via a large invalid error number, which triggers an error.