Search criteria
18 vulnerabilities found for wesnoth by wesnoth
FKIE_CVE-2009-0366
Vulnerability from fkie_nvd - Published: 2009-03-12 15:20 - Updated: 2025-04-09 00:30
Severity ?
Summary
The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth before r33069 allows remote attackers to cause a denial of service via a large compressed WML document.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FBEEB73-9922-4A87-9EE6-A712D58B831A",
"versionEndIncluding": "1.5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.0:rc:*:*:*:*:*:*",
"matchCriteriaId": "E0BD9EF4-531F-42FC-B6FB-2EFE9D1DBF27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB817AC-44E4-41CD-BD03-7B5907243FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBDC2E2D-581C-4B8C-8DB1-2B34A22C1788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB9B969-9AEA-47B8-A2C1-D951DA5A6D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B3ECAC12-E14D-47F6-853C-758584EB4E29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF2E47D5-D0F1-4FC4-BC1C-9964BE85741D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CAFC79CA-F9B0-45FD-904C-B11760E11CD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "54937870-186F-4342-8658-6F3DA155A53D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9488E868-BFC2-4084-802C-874E41E0AE10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A15CBB13-9B93-4C87-A19E-56FFE900D257",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "63E587C8-E7D8-4FD8-A826-D7BFAE7F270D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED754F0-F2DB-445C-BE11-8525521C7B17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1B0FF72F-A313-4BF1-8E7A-BF7EAA2C5EEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B219D98C-B08A-4BB6-8C5B-E8978823A4C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "18D98006-438D-4DF9-A40A-2B94CE8760EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "07FD8E16-22EC-43BF-8ED3-09236F1C3BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6F4D957E-7C2A-4062-A3DF-BD02E9CA5D43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D02358E6-E408-4A1C-A391-9F870625C5C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "383AD5F9-7691-4DA8-9DD6-AAB110F54B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "51AF2340-3914-4411-BDC0-6B84548384B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "95688481-AC1B-4A58-90D3-E6E76D9E0011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E3FF4FDE-AF17-4BCE-AFEC-CDA138B76231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "30C116EF-BD41-4820-8243-A680EEB70055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C55CF49F-7678-41A9-8A4B-012A5B9EC78D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "952B7487-A920-40B0-BE80-8FA710149E1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2794D70A-2180-424E-BFC7-848413BBA6B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "31232ECA-2AF2-46EF-A9CA-BC692BFE4BBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "17A4E7EF-F4AD-4A96-BD79-664AFDF5AC4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B57DCD88-7731-49A5-AFCB-5C6104025CC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "41728562-611D-4F58-AB89-D1887B3564B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "76D1E17F-BC30-4F01-94D5-A64E07B9B03A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CC3AF888-E2B1-4130-992C-4B7CF6CF4405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "EF25A9ED-8349-4DB0-B719-770E3AE30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E4989C0D-A6E6-4317-9640-15E50C62A54F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A9D8C3FF-41EC-4C98-BC7A-5C419559CBA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.18:*:*:*:*:*:*:*",
"matchCriteriaId": "CF780D9D-2D07-42BF-A4AB-97F60C73A7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "A820E98A-D26D-4C9A-B476-8406C88437B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DB71E24E-1A08-491F-8379-FE41AF012E90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B57803-62E1-4F50-92DD-6796C6D60758",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C5D83E56-BE05-4DF7-88AD-BC0AD5098415",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "621115C3-5AF6-4709-BB0B-A0FE481C5C79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EE1549F8-FE6A-49E5-BC19-585C4957E061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD5F86E-F65D-4114-9057-A81B360BE143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "256B2C75-47E5-4A8F-9672-B56D17086764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ECD02FB1-72CD-42A3-8E7C-910490467A0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "15627E66-D852-4F68-9C9A-3EAF5B805BC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "415FE737-8F89-463D-9F1D-EF5EDACFCD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1941BB00-8039-4DD8-815A-1AE0CA986C70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5D091DF5-3229-43E0-BEC4-754992B8DD5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "77F8C56F-1F74-4F40-85D8-DA861DE4DB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E58D08-F602-4BE6-978D-34B58E9188B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "51001322-B437-4A1C-83BA-C8E3C3BCE7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A991E343-0C44-4F37-80EE-5C0E45EDA909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "3C4223A3-6F43-4774-8579-59868FB5074B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CA5792D1-F342-41F2-B056-D8BA99F5C80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8EDB1AAF-2513-4511-9E28-E0E9ACF74C19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth before r33069 allows remote attackers to cause a denial of service via a large compressed WML document."
},
{
"lang": "es",
"value": "La funci\u00f3n uncompress_buffer en src/server/simple_wml.cpp en Wesnoth anterior a r33069 permite a atacantes remoto provocar una denegaci\u00f3n de servicio a trav\u00e9s de un documento WML de gran tama\u00f1o comprimido."
}
],
"id": "CVE-2009-0366",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-03-12T15:20:49.717",
"references": [
{
"source": "cve@mitre.org",
"url": "http://launchpad.net/bugs/335089"
},
{
"source": "cve@mitre.org",
"url": "http://launchpad.net/bugs/336396"
},
{
"source": "cve@mitre.org",
"url": "http://launchpad.net/bugs/cve/2009-0366"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/52672"
},
{
"source": "cve@mitre.org",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"source": "cve@mitre.org",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34236"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34253"
},
{
"source": "cve@mitre.org",
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026r1=32990\u0026r2=33069"
},
{
"source": "cve@mitre.org",
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026view=log"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2009/dsa-1737"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34085"
},
{
"source": "cve@mitre.org",
"url": "https://gna.org/bugs/index.php?13037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://launchpad.net/bugs/335089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://launchpad.net/bugs/336396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://launchpad.net/bugs/cve/2009-0366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/52672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34236"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34253"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026r1=32990\u0026r2=33069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026view=log"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://gna.org/bugs/index.php?13037"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-0878
Vulnerability from fkie_nvd - Published: 2009-03-12 15:20 - Updated: 2025-04-09 00:30
Severity ?
Summary
The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a map with a large (1) width or (2) height.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:*:*:*:*:*:*:*:*",
"matchCriteriaId": "609F32FF-6F53-4C4B-82FA-9A2E826CB871",
"versionEndIncluding": "1.4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E259B064-C2F5-4F09-B07A-B7765D0EA033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5EAE3A3-21AD-40DE-99C7-F5756C1E86E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "950BB8F3-CD18-4EF9-9D62-23FB26ACDD73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4987B9D2-193E-4AA6-99B1-DD2698E63B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B05F8A92-DA97-4B1B-8F58-69919C52E312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "02B29F51-C8BB-4AB9-9CEC-D4E0E21185DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B9422C5B-1D98-437D-871C-DE144B8D5968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBD6D024-A80D-4A34-ADEC-369500E0B398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE312CA7-1856-400C-A391-B50F75206200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F6CFECF2-1447-41DA-AEE4-14E70154FA48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B1215EED-6612-45BC-B51C-A6E4E2BE39EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "36D273E0-A46A-414F-AD0E-0CBE6D8A666D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C6E777D3-E4B8-44BC-9ECD-D903C9AA1D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2A43ED90-061D-456A-8C7D-89F1A229BAED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DA97E3DE-5157-496C-B676-09598EB1ABAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "648E0AD0-6E97-4973-8E58-CA9EE883C2A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57B7E333-AC80-4CA7-9D92-B34A17D16CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "55B877EC-E02B-40D1-9118-0867D5CAF91F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA0241E3-6747-4FCF-AD27-A079C0F19DED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6.99.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B58DBF-035B-42F7-9B6E-47E2A997DD11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6.99.2:*:*:*:*:*:*:*",
"matchCriteriaId": "87FE42CE-1F4F-4D81-8476-F45081712C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6.99.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C4CA6870-27A8-4B26-A868-3D962D992332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6.99.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E2853429-C12F-4307-97E8-6C38EE70E304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6.99.5:*:*:*:*:*:*:*",
"matchCriteriaId": "34A3D3FE-698A-4C52-AB2A-7E8C1B638051",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4058C550-F2A8-4111-8F84-1E9E84A3D7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F728B1C9-E5A9-462B-ADAF-DADE7F46EA21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B008FA-0450-4F14-8BAC-691B02A3B22F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B4611D18-F34F-45FF-B5BC-905A34910E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "16DFBE2B-D7F5-4B2E-8156-563A66B5E861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30008245-2643-44AE-B20A-63D00FE48E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "08B302AF-B0E4-44AD-A26D-F0BBFFE79C71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15528F7F-9927-4A50-9DF8-D40793FCCA5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "41E06FBF-1AA7-4B55-AE1C-113D6A3990A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF41356-8F02-495A-B6E2-7E0AA23B89DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "730B766C-8B47-425C-A612-120989BC4E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4770E27E-893D-4AE1-850B-F5405770233F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0C405A91-95C3-479B-96E2-F37A1B4FCC17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7B91CAED-E15B-4CDF-83A7-C31F9CE683E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D41E8097-6464-4AB5-AB8C-E7936EAB3CE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB70E7A-795E-4A7E-91CA-781F98CC9FF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "429500DC-7592-4870-9360-94D3699F8ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CAD8D11F-F24C-4538-AD78-A9D7481C5EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "62B6E6EB-4CDE-439F-9FF3-DF2CA75D17CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AAA4EF0F-222E-4165-BA39-FC8CC0A61147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "3F32426F-86F8-44BC-BB0A-DB530372CF6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9E4C50CF-91C8-4990-8405-C7309910A353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3C90456F-96E6-4B6B-A61A-926E01CC9C07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BE039E74-555F-4F9B-BB9E-05C7709E03E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B157A699-B2A2-4E95-AB0E-A4607EFDAF71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE4FB8D-EB9C-43CF-8447-39F528DB841D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E6838344-84D6-41C7-A875-C915D955E323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7407AE95-4ADA-486E-B1FC-3282683F84B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8AAE5D43-38CD-4F0F-89F7-03358D47A23B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "71453BBF-B911-483C-9F44-0D3D9053EA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "04B09BA0-35F2-43E7-8E2B-6EE03844A7D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B378A8D9-86F7-4906-8B49-5145F3A31686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.0:rc:*:*:*:*:*:*",
"matchCriteriaId": "E0BD9EF4-531F-42FC-B6FB-2EFE9D1DBF27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.0rcl:*:*:*:*:*:*:*",
"matchCriteriaId": "6056DDDC-A194-4A30-B7E0-8BA912D9A466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB817AC-44E4-41CD-BD03-7B5907243FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBDC2E2D-581C-4B8C-8DB1-2B34A22C1788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB9B969-9AEA-47B8-A2C1-D951DA5A6D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B3ECAC12-E14D-47F6-853C-758584EB4E29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF2E47D5-D0F1-4FC4-BC1C-9964BE85741D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CAFC79CA-F9B0-45FD-904C-B11760E11CD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "54937870-186F-4342-8658-6F3DA155A53D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9488E868-BFC2-4084-802C-874E41E0AE10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A15CBB13-9B93-4C87-A19E-56FFE900D257",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "63E587C8-E7D8-4FD8-A826-D7BFAE7F270D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED754F0-F2DB-445C-BE11-8525521C7B17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1B0FF72F-A313-4BF1-8E7A-BF7EAA2C5EEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B219D98C-B08A-4BB6-8C5B-E8978823A4C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "18D98006-438D-4DF9-A40A-2B94CE8760EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "07FD8E16-22EC-43BF-8ED3-09236F1C3BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6F4D957E-7C2A-4062-A3DF-BD02E9CA5D43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D02358E6-E408-4A1C-A391-9F870625C5C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "383AD5F9-7691-4DA8-9DD6-AAB110F54B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "51AF2340-3914-4411-BDC0-6B84548384B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "95688481-AC1B-4A58-90D3-E6E76D9E0011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E3FF4FDE-AF17-4BCE-AFEC-CDA138B76231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "30C116EF-BD41-4820-8243-A680EEB70055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C55CF49F-7678-41A9-8A4B-012A5B9EC78D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "952B7487-A920-40B0-BE80-8FA710149E1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FADF53ED-10A0-4F03-8B8B-EE8CB4BDB9E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8675995D-8CE9-4A5F-B8AB-E4C33C5EB6B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "873FD0CA-4B14-4927-B430-52D24176FC8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "61B37AA0-8114-4F1A-B9D5-3DFAF896E644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "40A6BB07-3825-412F-9E1D-1C990767157C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E7024803-04D0-476E-B2EB-347D2A4F0CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F467E7C6-B3A3-4BAC-A377-9CA52A85A669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2794D70A-2180-424E-BFC7-848413BBA6B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "31232ECA-2AF2-46EF-A9CA-BC692BFE4BBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "17A4E7EF-F4AD-4A96-BD79-664AFDF5AC4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B57DCD88-7731-49A5-AFCB-5C6104025CC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "41728562-611D-4F58-AB89-D1887B3564B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "76D1E17F-BC30-4F01-94D5-A64E07B9B03A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CC3AF888-E2B1-4130-992C-4B7CF6CF4405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "EF25A9ED-8349-4DB0-B719-770E3AE30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E4989C0D-A6E6-4317-9640-15E50C62A54F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A9D8C3FF-41EC-4C98-BC7A-5C419559CBA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.18:*:*:*:*:*:*:*",
"matchCriteriaId": "CF780D9D-2D07-42BF-A4AB-97F60C73A7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "A820E98A-D26D-4C9A-B476-8406C88437B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DB71E24E-1A08-491F-8379-FE41AF012E90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B57803-62E1-4F50-92DD-6796C6D60758",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C5D83E56-BE05-4DF7-88AD-BC0AD5098415",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "621115C3-5AF6-4709-BB0B-A0FE481C5C79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EE1549F8-FE6A-49E5-BC19-585C4957E061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD5F86E-F65D-4114-9057-A81B360BE143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "256B2C75-47E5-4A8F-9672-B56D17086764",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a map with a large (1) width or (2) height."
},
{
"lang": "es",
"value": "La funci\u00f3n read_game_map en src/terrain_translation.cpp en Wesnoth anterior a r32987, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria y cuelgue de demonio) a trav\u00e9s un mapa con una gran (1) anchura o (2) peso."
}
],
"id": "CVE-2009-0878",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-03-12T15:20:49.937",
"references": [
{
"source": "cve@mitre.org",
"url": "http://launchpad.net/bugs/335089"
},
{
"source": "cve@mitre.org",
"url": "http://launchpad.net/bugs/336396"
},
{
"source": "cve@mitre.org",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"source": "cve@mitre.org",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"source": "cve@mitre.org",
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?r2=32987\u0026rev=32987\u0026r1=31859\u0026dir_pagestart=200"
},
{
"source": "cve@mitre.org",
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?rev=33078\u0026dir_pagestart=200\u0026view=log"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49294"
},
{
"source": "cve@mitre.org",
"url": "https://gna.org/bugs/index.php?13031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://launchpad.net/bugs/335089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://launchpad.net/bugs/336396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?r2=32987\u0026rev=32987\u0026r1=31859\u0026dir_pagestart=200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?rev=33078\u0026dir_pagestart=200\u0026view=log"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://gna.org/bugs/index.php?13031"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-0367
Vulnerability from fkie_nvd - Published: 2009-03-05 02:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wesnoth | wesnoth | 1.4 | |
| wesnoth | wesnoth | 1.4.1 | |
| wesnoth | wesnoth | 1.4.2 | |
| wesnoth | wesnoth | 1.4.3 | |
| wesnoth | wesnoth | 1.4.4 | |
| wesnoth | wesnoth | 1.4.5 | |
| wesnoth | wesnoth | 1.4.6 | |
| wesnoth | wesnoth | 1.4.7 | |
| wesnoth | wesnoth | 1.5.0 | |
| wesnoth | wesnoth | 1.5.1 | |
| wesnoth | wesnoth | 1.5.2 | |
| wesnoth | wesnoth | 1.5.3 | |
| wesnoth | wesnoth | 1.5.4 | |
| wesnoth | wesnoth | 1.5.5 | |
| wesnoth | wesnoth | 1.5.6 | |
| wesnoth | wesnoth | 1.5.7 | |
| wesnoth | wesnoth | 1.5.8 | |
| wesnoth | wesnoth | 1.5.9 | |
| wesnoth | wesnoth | 1.5.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DB71E24E-1A08-491F-8379-FE41AF012E90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B57803-62E1-4F50-92DD-6796C6D60758",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C5D83E56-BE05-4DF7-88AD-BC0AD5098415",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "621115C3-5AF6-4709-BB0B-A0FE481C5C79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EE1549F8-FE6A-49E5-BC19-585C4957E061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD5F86E-F65D-4114-9057-A81B360BE143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "256B2C75-47E5-4A8F-9672-B56D17086764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ECD02FB1-72CD-42A3-8E7C-910490467A0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "15627E66-D852-4F68-9C9A-3EAF5B805BC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "415FE737-8F89-463D-9F1D-EF5EDACFCD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1941BB00-8039-4DD8-815A-1AE0CA986C70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5D091DF5-3229-43E0-BEC4-754992B8DD5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "77F8C56F-1F74-4F40-85D8-DA861DE4DB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E58D08-F602-4BE6-978D-34B58E9188B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "51001322-B437-4A1C-83BA-C8E3C3BCE7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A991E343-0C44-4F37-80EE-5C0E45EDA909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "3C4223A3-6F43-4774-8579-59868FB5074B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CA5792D1-F342-41F2-B056-D8BA99F5C80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8EDB1AAF-2513-4511-9E28-E0E9ACF74C19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module."
},
{
"lang": "es",
"value": "El m\u00f3dulo Python AI de Wesnoth v1.4.x y v1.5 anterior a v1.5.11, permite a atacantes remotos escapar del sandbox -caj\u00f3n de arena- y ejecutar c\u00f3digo de su elecci\u00f3n utilizando un m\u00f3dulo de lista blanca que importa un m\u00f3dulo no seguro, despu\u00e9s la usar el nombre de un m\u00f3dulo jer\u00e1rquico para acceder a un m\u00f3dulo no seguro a trav\u00e9s del m\u00f3dulo de lista blanca."
}
],
"id": "CVE-2009-0367",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-03-05T02:30:00.327",
"references": [
{
"source": "cve@mitre.org",
"url": "http://launchpad.net/bugs/335089"
},
{
"source": "cve@mitre.org",
"url": "http://launchpad.net/bugs/336396"
},
{
"source": "cve@mitre.org",
"url": "http://launchpad.net/bugs/cve/2009-0367"
},
{
"source": "cve@mitre.org",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"source": "cve@mitre.org",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34058"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34236"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2009/dsa-1737"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0595"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=24247"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=24340"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49058"
},
{
"source": "cve@mitre.org",
"url": "https://gna.org/bugs/index.php?13048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://launchpad.net/bugs/335089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://launchpad.net/bugs/336396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://launchpad.net/bugs/cve/2009-0367"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34236"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0595"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=24247"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=24340"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://gna.org/bugs/index.php?13048"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-5742
Vulnerability from fkie_nvd - Published: 2007-12-01 06:46 - Updated: 2025-04-09 00:30
Severity ?
Summary
Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via ".." sequences in unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E259B064-C2F5-4F09-B07A-B7765D0EA033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5EAE3A3-21AD-40DE-99C7-F5756C1E86E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "950BB8F3-CD18-4EF9-9D62-23FB26ACDD73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4987B9D2-193E-4AA6-99B1-DD2698E63B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B05F8A92-DA97-4B1B-8F58-69919C52E312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "02B29F51-C8BB-4AB9-9CEC-D4E0E21185DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B9422C5B-1D98-437D-871C-DE144B8D5968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBD6D024-A80D-4A34-ADEC-369500E0B398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE312CA7-1856-400C-A391-B50F75206200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F6CFECF2-1447-41DA-AEE4-14E70154FA48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B1215EED-6612-45BC-B51C-A6E4E2BE39EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "36D273E0-A46A-414F-AD0E-0CBE6D8A666D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C6E777D3-E4B8-44BC-9ECD-D903C9AA1D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2A43ED90-061D-456A-8C7D-89F1A229BAED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DA97E3DE-5157-496C-B676-09598EB1ABAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "648E0AD0-6E97-4973-8E58-CA9EE883C2A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57B7E333-AC80-4CA7-9D92-B34A17D16CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "55B877EC-E02B-40D1-9118-0867D5CAF91F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA0241E3-6747-4FCF-AD27-A079C0F19DED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6.99.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B58DBF-035B-42F7-9B6E-47E2A997DD11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6.99.2:*:*:*:*:*:*:*",
"matchCriteriaId": "87FE42CE-1F4F-4D81-8476-F45081712C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6.99.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C4CA6870-27A8-4B26-A868-3D962D992332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6.99.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E2853429-C12F-4307-97E8-6C38EE70E304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6.99.5:*:*:*:*:*:*:*",
"matchCriteriaId": "34A3D3FE-698A-4C52-AB2A-7E8C1B638051",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4058C550-F2A8-4111-8F84-1E9E84A3D7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F728B1C9-E5A9-462B-ADAF-DADE7F46EA21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B008FA-0450-4F14-8BAC-691B02A3B22F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B4611D18-F34F-45FF-B5BC-905A34910E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "16DFBE2B-D7F5-4B2E-8156-563A66B5E861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30008245-2643-44AE-B20A-63D00FE48E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "08B302AF-B0E4-44AD-A26D-F0BBFFE79C71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15528F7F-9927-4A50-9DF8-D40793FCCA5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "41E06FBF-1AA7-4B55-AE1C-113D6A3990A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF41356-8F02-495A-B6E2-7E0AA23B89DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "730B766C-8B47-425C-A612-120989BC4E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4770E27E-893D-4AE1-850B-F5405770233F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0C405A91-95C3-479B-96E2-F37A1B4FCC17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7B91CAED-E15B-4CDF-83A7-C31F9CE683E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D41E8097-6464-4AB5-AB8C-E7936EAB3CE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB70E7A-795E-4A7E-91CA-781F98CC9FF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "429500DC-7592-4870-9360-94D3699F8ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CAD8D11F-F24C-4538-AD78-A9D7481C5EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "62B6E6EB-4CDE-439F-9FF3-DF2CA75D17CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AAA4EF0F-222E-4165-BA39-FC8CC0A61147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "3F32426F-86F8-44BC-BB0A-DB530372CF6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9E4C50CF-91C8-4990-8405-C7309910A353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3C90456F-96E6-4B6B-A61A-926E01CC9C07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BE039E74-555F-4F9B-BB9E-05C7709E03E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B157A699-B2A2-4E95-AB0E-A4607EFDAF71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE4FB8D-EB9C-43CF-8447-39F528DB841D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E6838344-84D6-41C7-A875-C915D955E323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7407AE95-4ADA-486E-B1FC-3282683F84B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8AAE5D43-38CD-4F0F-89F7-03358D47A23B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "71453BBF-B911-483C-9F44-0D3D9053EA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "04B09BA0-35F2-43E7-8E2B-6EE03844A7D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B378A8D9-86F7-4906-8B49-5145F3A31686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.0rcl:*:*:*:*:*:*:*",
"matchCriteriaId": "6056DDDC-A194-4A30-B7E0-8BA912D9A466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB817AC-44E4-41CD-BD03-7B5907243FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBDC2E2D-581C-4B8C-8DB1-2B34A22C1788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB9B969-9AEA-47B8-A2C1-D951DA5A6D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B3ECAC12-E14D-47F6-853C-758584EB4E29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF2E47D5-D0F1-4FC4-BC1C-9964BE85741D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CAFC79CA-F9B0-45FD-904C-B11760E11CD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "54937870-186F-4342-8658-6F3DA155A53D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9488E868-BFC2-4084-802C-874E41E0AE10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A15CBB13-9B93-4C87-A19E-56FFE900D257",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "63E587C8-E7D8-4FD8-A826-D7BFAE7F270D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED754F0-F2DB-445C-BE11-8525521C7B17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1B0FF72F-A313-4BF1-8E7A-BF7EAA2C5EEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B219D98C-B08A-4BB6-8C5B-E8978823A4C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "18D98006-438D-4DF9-A40A-2B94CE8760EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "07FD8E16-22EC-43BF-8ED3-09236F1C3BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6F4D957E-7C2A-4062-A3DF-BD02E9CA5D43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D02358E6-E408-4A1C-A391-9F870625C5C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "383AD5F9-7691-4DA8-9DD6-AAB110F54B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "51AF2340-3914-4411-BDC0-6B84548384B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "95688481-AC1B-4A58-90D3-E6E76D9E0011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E3FF4FDE-AF17-4BCE-AFEC-CDA138B76231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "30C116EF-BD41-4820-8243-A680EEB70055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C55CF49F-7678-41A9-8A4B-012A5B9EC78D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "952B7487-A920-40B0-BE80-8FA710149E1B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via \"..\" sequences in unknown vectors."
},
{
"lang": "es",
"value": "Una vulnerabilidad de salto de directorio en el preprocesador del motor WML para Wesnoth versiones 1.2.x anteriores a 1.2.8 y versiones 1.3.x anteriores a 1.3.12, permite a atacantes remotos leer archivos arbitrarios por medio de secuencias \"..\" en vectores desconocidos."
}
],
"id": "CVE-2007-5742",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-12-01T06:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/41713"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27786"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27920"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27943"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=557098"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2007/dsa-1421"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26626"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/4026"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"
},
{
"source": "cve@mitre.org",
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38752"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00004.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/41713"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27786"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27920"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=557098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2007/dsa-1421"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26626"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/4026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00006.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-6201
Vulnerability from fkie_nvd - Published: 2007-12-01 06:46 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows attackers to cause a denial of service (hang) via a "faulty add-on" and possibly execute other commands via unknown vectors related to the turn_cmd option.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wesnoth | wesnoth | 1.2 | |
| wesnoth | wesnoth | 1.2.1 | |
| wesnoth | wesnoth | 1.2.2 | |
| wesnoth | wesnoth | 1.2.3 | |
| wesnoth | wesnoth | 1.2.4 | |
| wesnoth | wesnoth | 1.2.5 | |
| wesnoth | wesnoth | 1.2.6 | |
| wesnoth | wesnoth | 1.2.7 | |
| wesnoth | wesnoth | 1.3.1 | |
| wesnoth | wesnoth | 1.3.2 | |
| wesnoth | wesnoth | 1.3.3 | |
| wesnoth | wesnoth | 1.3.4 | |
| wesnoth | wesnoth | 1.3.5 | |
| wesnoth | wesnoth | 1.3.6 | |
| wesnoth | wesnoth | 1.3.7 | |
| wesnoth | wesnoth | 1.3.8 | |
| wesnoth | wesnoth | 1.3.9 | |
| wesnoth | wesnoth | 1.3.10 | |
| wesnoth | wesnoth | 1.3.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6F4D957E-7C2A-4062-A3DF-BD02E9CA5D43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D02358E6-E408-4A1C-A391-9F870625C5C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "383AD5F9-7691-4DA8-9DD6-AAB110F54B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "51AF2340-3914-4411-BDC0-6B84548384B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "95688481-AC1B-4A58-90D3-E6E76D9E0011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E3FF4FDE-AF17-4BCE-AFEC-CDA138B76231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "30C116EF-BD41-4820-8243-A680EEB70055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C55CF49F-7678-41A9-8A4B-012A5B9EC78D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FADF53ED-10A0-4F03-8B8B-EE8CB4BDB9E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8675995D-8CE9-4A5F-B8AB-E4C33C5EB6B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "873FD0CA-4B14-4927-B430-52D24176FC8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "61B37AA0-8114-4F1A-B9D5-3DFAF896E644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "40A6BB07-3825-412F-9E1D-1C990767157C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E7024803-04D0-476E-B2EB-347D2A4F0CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F467E7C6-B3A3-4BAC-A377-9CA52A85A669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2794D70A-2180-424E-BFC7-848413BBA6B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "31232ECA-2AF2-46EF-A9CA-BC692BFE4BBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "17A4E7EF-F4AD-4A96-BD79-664AFDF5AC4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B57DCD88-7731-49A5-AFCB-5C6104025CC4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows attackers to cause a denial of service (hang) via a \"faulty add-on\" and possibly execute other commands via unknown vectors related to the turn_cmd option."
},
{
"lang": "es",
"value": "Una vulnerabilidad no especificada en Wesnoth versiones 1.2.x anteriores a 1.2.8 y versiones 1.3.x anteriores a 1.3.12, permite a atacantes causar una denegaci\u00f3n de servicio (bloqueo) por medio de un \"faulty add-on\" y probablemente ejecutar otros comandos por medio de vectores desconocidos relacionados con la opci\u00f3n turn_cmd."
}
],
"id": "CVE-2007-6201",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-12-01T06:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27786"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=557098"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/26625"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/4026"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"
},
{
"source": "cve@mitre.org",
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38751"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27786"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=557098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/26625"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/4026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38751"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-3917
Vulnerability from fkie_nvd - Published: 2007-10-11 10:17 - Updated: 2025-04-09 00:30
Severity ?
Summary
The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service (crash) via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the truncate_message function in server/server.cpp. NOTE: this issue affects both clients and servers.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wesnoth | wesnoth | 1.2 | |
| wesnoth | wesnoth | 1.2.1 | |
| wesnoth | wesnoth | 1.2.2 | |
| wesnoth | wesnoth | 1.2.3 | |
| wesnoth | wesnoth | 1.2.4 | |
| wesnoth | wesnoth | 1.2.5 | |
| wesnoth | wesnoth | 1.2.6 | |
| wesnoth | wesnoth | 1.3.1 | |
| wesnoth | wesnoth | 1.3.2 | |
| wesnoth | wesnoth | 1.3.3 | |
| wesnoth | wesnoth | 1.3.4 | |
| wesnoth | wesnoth | 1.3.5 | |
| wesnoth | wesnoth | 1.3.6 | |
| wesnoth | wesnoth | 1.3.7 | |
| wesnoth | wesnoth | 1.3.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6F4D957E-7C2A-4062-A3DF-BD02E9CA5D43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D02358E6-E408-4A1C-A391-9F870625C5C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "383AD5F9-7691-4DA8-9DD6-AAB110F54B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "51AF2340-3914-4411-BDC0-6B84548384B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "95688481-AC1B-4A58-90D3-E6E76D9E0011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E3FF4FDE-AF17-4BCE-AFEC-CDA138B76231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "30C116EF-BD41-4820-8243-A680EEB70055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FADF53ED-10A0-4F03-8B8B-EE8CB4BDB9E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8675995D-8CE9-4A5F-B8AB-E4C33C5EB6B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "873FD0CA-4B14-4927-B430-52D24176FC8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "61B37AA0-8114-4F1A-B9D5-3DFAF896E644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "40A6BB07-3825-412F-9E1D-1C990767157C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E7024803-04D0-476E-B2EB-347D2A4F0CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F467E7C6-B3A3-4BAC-A377-9CA52A85A669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2794D70A-2180-424E-BFC7-848413BBA6B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service (crash) via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the truncate_message function in server/server.cpp. NOTE: this issue affects both clients and servers."
},
{
"lang": "es",
"value": "El motor multijugador en Wesnoth versiones 1.2.x anteriores a 1.2.7 y versiones 1.3.x anteriores a 1.3.9, permite a los servidores remotos causar una denegaci\u00f3n de servicio (bloqueo) por medio de un mensaje largo con caracteres multibyte que puede producir una cadena UTF-8 no v\u00e1lida despu\u00e9s que est\u00e1 truncado, lo que desencadena una excepci\u00f3n no detectada, que involucra la funci\u00f3n truncate_message en el archivo server/server.cpp. NOTA: este problema afecta tanto a los clientes como a los servidores."
}
],
"id": "CVE-2007-3917",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-11T10:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/41711"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27137"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27218"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27241"
},
{
"source": "cve@mitre.org",
"url": "http://svn.gna.org/viewcvs/wesnoth/tags/1.2.7/changelog?rev=20982\u0026view=download"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2007/dsa-1386"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/25995"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3449"
},
{
"source": "cve@mitre.org",
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=256618"
},
{
"source": "cve@mitre.org",
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18188"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=324841"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37047"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00194.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/41711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.gna.org/viewcvs/wesnoth/tags/1.2.7/changelog?rev=20982\u0026view=download"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2007/dsa-1386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/25995"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=256618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=324841"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00194.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2009-0878 (GCVE-0-2009-0878)
Vulnerability from cvelistv5 – Published: 2009-03-12 15:00 – Updated: 2024-08-07 04:48
VLAI?
Summary
The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a map with a large (1) width or (2) height.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:48:52.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://launchpad.net/bugs/336396"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"name": "wesnoth-readgamemap-dos(49294)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49294"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?r2=32987\u0026rev=32987\u0026r1=31859\u0026dir_pagestart=200"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?rev=33078\u0026dir_pagestart=200\u0026view=log"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://gna.org/bugs/index.php?13031"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://launchpad.net/bugs/335089"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a map with a large (1) width or (2) height."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://launchpad.net/bugs/336396"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"name": "wesnoth-readgamemap-dos(49294)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49294"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?r2=32987\u0026rev=32987\u0026r1=31859\u0026dir_pagestart=200"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?rev=33078\u0026dir_pagestart=200\u0026view=log"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://gna.org/bugs/index.php?13031"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://launchpad.net/bugs/335089"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0878",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a map with a large (1) width or (2) height."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://launchpad.net/bugs/336396",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/336396"
},
{
"name": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog",
"refsource": "CONFIRM",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"name": "wesnoth-readgamemap-dos(49294)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49294"
},
{
"name": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog",
"refsource": "CONFIRM",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"name": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?r2=32987\u0026rev=32987\u0026r1=31859\u0026dir_pagestart=200",
"refsource": "CONFIRM",
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?r2=32987\u0026rev=32987\u0026r1=31859\u0026dir_pagestart=200"
},
{
"name": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?rev=33078\u0026dir_pagestart=200\u0026view=log",
"refsource": "CONFIRM",
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?rev=33078\u0026dir_pagestart=200\u0026view=log"
},
{
"name": "https://gna.org/bugs/index.php?13031",
"refsource": "CONFIRM",
"url": "https://gna.org/bugs/index.php?13031"
},
{
"name": "http://launchpad.net/bugs/335089",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/335089"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0878",
"datePublished": "2009-03-12T15:00:00",
"dateReserved": "2009-03-12T00:00:00",
"dateUpdated": "2024-08-07T04:48:52.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0366 (GCVE-0-2009-0366)
Vulnerability from cvelistv5 – Published: 2009-03-12 15:00 – Updated: 2024-08-07 04:31
VLAI?
Summary
The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth before r33069 allows remote attackers to cause a denial of service via a large compressed WML document.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:31:25.762Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://launchpad.net/bugs/336396"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://gna.org/bugs/index.php?13037"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"name": "52672",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/52672"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026view=log"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"name": "34085",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34085"
},
{
"name": "34253",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34253"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026r1=32990\u0026r2=33069"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://launchpad.net/bugs/cve/2009-0366"
},
{
"name": "34236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34236"
},
{
"name": "DSA-1737",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1737"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://launchpad.net/bugs/335089"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth before r33069 allows remote attackers to cause a denial of service via a large compressed WML document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-03-19T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://launchpad.net/bugs/336396"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://gna.org/bugs/index.php?13037"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"name": "52672",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/52672"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026view=log"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"name": "34085",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34085"
},
{
"name": "34253",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34253"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026r1=32990\u0026r2=33069"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://launchpad.net/bugs/cve/2009-0366"
},
{
"name": "34236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34236"
},
{
"name": "DSA-1737",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1737"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://launchpad.net/bugs/335089"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0366",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth before r33069 allows remote attackers to cause a denial of service via a large compressed WML document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://launchpad.net/bugs/336396",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/336396"
},
{
"name": "https://gna.org/bugs/index.php?13037",
"refsource": "CONFIRM",
"url": "https://gna.org/bugs/index.php?13037"
},
{
"name": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog",
"refsource": "CONFIRM",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"name": "52672",
"refsource": "OSVDB",
"url": "http://osvdb.org/52672"
},
{
"name": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026view=log",
"refsource": "CONFIRM",
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026view=log"
},
{
"name": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog",
"refsource": "CONFIRM",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"name": "34085",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34085"
},
{
"name": "34253",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34253"
},
{
"name": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026r1=32990\u0026r2=33069",
"refsource": "CONFIRM",
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026r1=32990\u0026r2=33069"
},
{
"name": "http://launchpad.net/bugs/cve/2009-0366",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/cve/2009-0366"
},
{
"name": "34236",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34236"
},
{
"name": "DSA-1737",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1737"
},
{
"name": "http://launchpad.net/bugs/335089",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/335089"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0366",
"datePublished": "2009-03-12T15:00:00",
"dateReserved": "2009-01-29T00:00:00",
"dateUpdated": "2024-08-07T04:31:25.762Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0367 (GCVE-0-2009-0367)
Vulnerability from cvelistv5 – Published: 2009-03-05 02:00 – Updated: 2024-08-07 04:31
VLAI?
Summary
The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:31:26.042Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://launchpad.net/bugs/336396"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://gna.org/bugs/index.php?13048"
},
{
"name": "wesnoth-pythonai-code-execution(49058)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49058"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=24340"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=24247"
},
{
"name": "34058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34058"
},
{
"name": "ADV-2009-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0595"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://launchpad.net/bugs/cve/2009-0367"
},
{
"name": "34236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34236"
},
{
"name": "DSA-1737",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1737"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://launchpad.net/bugs/335089"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://launchpad.net/bugs/336396"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://gna.org/bugs/index.php?13048"
},
{
"name": "wesnoth-pythonai-code-execution(49058)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49058"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=24340"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=24247"
},
{
"name": "34058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34058"
},
{
"name": "ADV-2009-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0595"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://launchpad.net/bugs/cve/2009-0367"
},
{
"name": "34236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34236"
},
{
"name": "DSA-1737",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1737"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://launchpad.net/bugs/335089"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0367",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://launchpad.net/bugs/336396",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/336396"
},
{
"name": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog",
"refsource": "CONFIRM",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"name": "https://gna.org/bugs/index.php?13048",
"refsource": "CONFIRM",
"url": "https://gna.org/bugs/index.php?13048"
},
{
"name": "wesnoth-pythonai-code-execution(49058)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49058"
},
{
"name": "http://www.wesnoth.org/forum/viewtopic.php?t=24340",
"refsource": "CONFIRM",
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=24340"
},
{
"name": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog",
"refsource": "CONFIRM",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"name": "http://www.wesnoth.org/forum/viewtopic.php?t=24247",
"refsource": "CONFIRM",
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=24247"
},
{
"name": "34058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34058"
},
{
"name": "ADV-2009-0595",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0595"
},
{
"name": "http://launchpad.net/bugs/cve/2009-0367",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/cve/2009-0367"
},
{
"name": "34236",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34236"
},
{
"name": "DSA-1737",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1737"
},
{
"name": "http://launchpad.net/bugs/335089",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/335089"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0367",
"datePublished": "2009-03-05T02:00:00",
"dateReserved": "2009-01-29T00:00:00",
"dateUpdated": "2024-08-07T04:31:26.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6201 (GCVE-0-2007-6201)
Vulnerability from cvelistv5 – Published: 2007-12-01 02:00 – Updated: 2024-08-07 15:54
VLAI?
Summary
Unspecified vulnerability in Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows attackers to cause a denial of service (hang) via a "faulty add-on" and possibly execute other commands via unknown vectors related to the turn_cmd option.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:27.170Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=557098"
},
{
"name": "26625",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26625"
},
{
"name": "wesnoth-turncmd-dos(38751)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38751"
},
{
"name": "27786",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27786"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"
},
{
"name": "ADV-2007-4026",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4026"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows attackers to cause a denial of service (hang) via a \"faulty add-on\" and possibly execute other commands via unknown vectors related to the turn_cmd option."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=557098"
},
{
"name": "26625",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26625"
},
{
"name": "wesnoth-turncmd-dos(38751)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38751"
},
{
"name": "27786",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27786"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"
},
{
"name": "ADV-2007-4026",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4026"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6201",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows attackers to cause a denial of service (hang) via a \"faulty add-on\" and possibly execute other commands via unknown vectors related to the turn_cmd option."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=557098",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=557098"
},
{
"name": "26625",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26625"
},
{
"name": "wesnoth-turncmd-dos(38751)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38751"
},
{
"name": "27786",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27786"
},
{
"name": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289",
"refsource": "CONFIRM",
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"
},
{
"name": "ADV-2007-4026",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4026"
},
{
"name": "http://www.wesnoth.org/forum/viewtopic.php?t=18844",
"refsource": "CONFIRM",
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6201",
"datePublished": "2007-12-01T02:00:00",
"dateReserved": "2007-11-30T00:00:00",
"dateUpdated": "2024-08-07T15:54:27.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5742 (GCVE-0-2007-5742)
Vulnerability from cvelistv5 – Published: 2007-12-01 02:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via ".." sequences in unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.744Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "41713",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41713"
},
{
"name": "27920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27920"
},
{
"name": "FEDORA-2007-3989",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=557098"
},
{
"name": "27943",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27943"
},
{
"name": "27786",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27786"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"
},
{
"name": "FEDORA-2007-3986",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00004.html"
},
{
"name": "ADV-2007-4026",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4026"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"
},
{
"name": "wesnoth-wml-directory-traversal(38752)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38752"
},
{
"name": "26626",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26626"
},
{
"name": "DSA-1421",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1421"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via \"..\" sequences in unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "41713",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41713"
},
{
"name": "27920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27920"
},
{
"name": "FEDORA-2007-3989",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=557098"
},
{
"name": "27943",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27943"
},
{
"name": "27786",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27786"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"
},
{
"name": "FEDORA-2007-3986",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00004.html"
},
{
"name": "ADV-2007-4026",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4026"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"
},
{
"name": "wesnoth-wml-directory-traversal(38752)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38752"
},
{
"name": "26626",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26626"
},
{
"name": "DSA-1421",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1421"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5742",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via \"..\" sequences in unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "41713",
"refsource": "OSVDB",
"url": "http://osvdb.org/41713"
},
{
"name": "27920",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27920"
},
{
"name": "FEDORA-2007-3989",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00006.html"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=557098",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=557098"
},
{
"name": "27943",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27943"
},
{
"name": "27786",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27786"
},
{
"name": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289",
"refsource": "CONFIRM",
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"
},
{
"name": "FEDORA-2007-3986",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00004.html"
},
{
"name": "ADV-2007-4026",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4026"
},
{
"name": "http://www.wesnoth.org/forum/viewtopic.php?t=18844",
"refsource": "CONFIRM",
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"
},
{
"name": "wesnoth-wml-directory-traversal(38752)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38752"
},
{
"name": "26626",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26626"
},
{
"name": "DSA-1421",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1421"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5742",
"datePublished": "2007-12-01T02:00:00",
"dateReserved": "2007-10-31T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3917 (GCVE-0-2007-3917)
Vulnerability from cvelistv5 – Published: 2007-10-11 10:00 – Updated: 2024-08-07 14:37
VLAI?
Summary
The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service (crash) via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the truncate_message function in server/server.cpp. NOTE: this issue affects both clients and servers.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:05.771Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=256618"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=324841"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18188"
},
{
"name": "41711",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41711"
},
{
"name": "25995",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25995"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/tags/1.2.7/changelog?rev=20982\u0026view=download"
},
{
"name": "27218",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27218"
},
{
"name": "FEDORA-2007-2496",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00194.html"
},
{
"name": "wesnoth-utf8-dos(37047)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37047"
},
{
"name": "27241",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27241"
},
{
"name": "DSA-1386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1386"
},
{
"name": "ADV-2007-3449",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3449"
},
{
"name": "27137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27137"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service (crash) via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the truncate_message function in server/server.cpp. NOTE: this issue affects both clients and servers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=256618"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=324841"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18188"
},
{
"name": "41711",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41711"
},
{
"name": "25995",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25995"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/tags/1.2.7/changelog?rev=20982\u0026view=download"
},
{
"name": "27218",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27218"
},
{
"name": "FEDORA-2007-2496",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00194.html"
},
{
"name": "wesnoth-utf8-dos(37047)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37047"
},
{
"name": "27241",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27241"
},
{
"name": "DSA-1386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1386"
},
{
"name": "ADV-2007-3449",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3449"
},
{
"name": "27137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27137"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3917",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service (crash) via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the truncate_message function in server/server.cpp. NOTE: this issue affects both clients and servers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.wesnoth.org/forum/viewtopic.php?p=256618",
"refsource": "CONFIRM",
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=256618"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=324841",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=324841"
},
{
"name": "http://www.wesnoth.org/forum/viewtopic.php?t=18188",
"refsource": "CONFIRM",
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18188"
},
{
"name": "41711",
"refsource": "OSVDB",
"url": "http://osvdb.org/41711"
},
{
"name": "25995",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25995"
},
{
"name": "http://svn.gna.org/viewcvs/wesnoth/tags/1.2.7/changelog?rev=20982\u0026view=download",
"refsource": "CONFIRM",
"url": "http://svn.gna.org/viewcvs/wesnoth/tags/1.2.7/changelog?rev=20982\u0026view=download"
},
{
"name": "27218",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27218"
},
{
"name": "FEDORA-2007-2496",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00194.html"
},
{
"name": "wesnoth-utf8-dos(37047)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37047"
},
{
"name": "27241",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27241"
},
{
"name": "DSA-1386",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1386"
},
{
"name": "ADV-2007-3449",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3449"
},
{
"name": "27137",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27137"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3917",
"datePublished": "2007-10-11T10:00:00",
"dateReserved": "2007-07-20T00:00:00",
"dateUpdated": "2024-08-07T14:37:05.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0878 (GCVE-0-2009-0878)
Vulnerability from nvd – Published: 2009-03-12 15:00 – Updated: 2024-08-07 04:48
VLAI?
Summary
The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a map with a large (1) width or (2) height.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:48:52.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://launchpad.net/bugs/336396"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"name": "wesnoth-readgamemap-dos(49294)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49294"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?r2=32987\u0026rev=32987\u0026r1=31859\u0026dir_pagestart=200"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?rev=33078\u0026dir_pagestart=200\u0026view=log"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://gna.org/bugs/index.php?13031"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://launchpad.net/bugs/335089"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a map with a large (1) width or (2) height."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://launchpad.net/bugs/336396"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"name": "wesnoth-readgamemap-dos(49294)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49294"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?r2=32987\u0026rev=32987\u0026r1=31859\u0026dir_pagestart=200"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?rev=33078\u0026dir_pagestart=200\u0026view=log"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://gna.org/bugs/index.php?13031"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://launchpad.net/bugs/335089"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0878",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a map with a large (1) width or (2) height."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://launchpad.net/bugs/336396",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/336396"
},
{
"name": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog",
"refsource": "CONFIRM",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"name": "wesnoth-readgamemap-dos(49294)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49294"
},
{
"name": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog",
"refsource": "CONFIRM",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"name": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?r2=32987\u0026rev=32987\u0026r1=31859\u0026dir_pagestart=200",
"refsource": "CONFIRM",
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?r2=32987\u0026rev=32987\u0026r1=31859\u0026dir_pagestart=200"
},
{
"name": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?rev=33078\u0026dir_pagestart=200\u0026view=log",
"refsource": "CONFIRM",
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?rev=33078\u0026dir_pagestart=200\u0026view=log"
},
{
"name": "https://gna.org/bugs/index.php?13031",
"refsource": "CONFIRM",
"url": "https://gna.org/bugs/index.php?13031"
},
{
"name": "http://launchpad.net/bugs/335089",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/335089"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0878",
"datePublished": "2009-03-12T15:00:00",
"dateReserved": "2009-03-12T00:00:00",
"dateUpdated": "2024-08-07T04:48:52.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0366 (GCVE-0-2009-0366)
Vulnerability from nvd – Published: 2009-03-12 15:00 – Updated: 2024-08-07 04:31
VLAI?
Summary
The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth before r33069 allows remote attackers to cause a denial of service via a large compressed WML document.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:31:25.762Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://launchpad.net/bugs/336396"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://gna.org/bugs/index.php?13037"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"name": "52672",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/52672"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026view=log"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"name": "34085",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34085"
},
{
"name": "34253",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34253"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026r1=32990\u0026r2=33069"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://launchpad.net/bugs/cve/2009-0366"
},
{
"name": "34236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34236"
},
{
"name": "DSA-1737",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1737"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://launchpad.net/bugs/335089"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth before r33069 allows remote attackers to cause a denial of service via a large compressed WML document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-03-19T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://launchpad.net/bugs/336396"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://gna.org/bugs/index.php?13037"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"name": "52672",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/52672"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026view=log"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"name": "34085",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34085"
},
{
"name": "34253",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34253"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026r1=32990\u0026r2=33069"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://launchpad.net/bugs/cve/2009-0366"
},
{
"name": "34236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34236"
},
{
"name": "DSA-1737",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1737"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://launchpad.net/bugs/335089"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0366",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth before r33069 allows remote attackers to cause a denial of service via a large compressed WML document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://launchpad.net/bugs/336396",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/336396"
},
{
"name": "https://gna.org/bugs/index.php?13037",
"refsource": "CONFIRM",
"url": "https://gna.org/bugs/index.php?13037"
},
{
"name": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog",
"refsource": "CONFIRM",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"name": "52672",
"refsource": "OSVDB",
"url": "http://osvdb.org/52672"
},
{
"name": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026view=log",
"refsource": "CONFIRM",
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026view=log"
},
{
"name": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog",
"refsource": "CONFIRM",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"name": "34085",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34085"
},
{
"name": "34253",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34253"
},
{
"name": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026r1=32990\u0026r2=33069",
"refsource": "CONFIRM",
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069\u0026r1=32990\u0026r2=33069"
},
{
"name": "http://launchpad.net/bugs/cve/2009-0366",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/cve/2009-0366"
},
{
"name": "34236",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34236"
},
{
"name": "DSA-1737",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1737"
},
{
"name": "http://launchpad.net/bugs/335089",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/335089"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0366",
"datePublished": "2009-03-12T15:00:00",
"dateReserved": "2009-01-29T00:00:00",
"dateUpdated": "2024-08-07T04:31:25.762Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0367 (GCVE-0-2009-0367)
Vulnerability from nvd – Published: 2009-03-05 02:00 – Updated: 2024-08-07 04:31
VLAI?
Summary
The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:31:26.042Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://launchpad.net/bugs/336396"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://gna.org/bugs/index.php?13048"
},
{
"name": "wesnoth-pythonai-code-execution(49058)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49058"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=24340"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=24247"
},
{
"name": "34058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34058"
},
{
"name": "ADV-2009-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0595"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://launchpad.net/bugs/cve/2009-0367"
},
{
"name": "34236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34236"
},
{
"name": "DSA-1737",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1737"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://launchpad.net/bugs/335089"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://launchpad.net/bugs/336396"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://gna.org/bugs/index.php?13048"
},
{
"name": "wesnoth-pythonai-code-execution(49058)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49058"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=24340"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=24247"
},
{
"name": "34058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34058"
},
{
"name": "ADV-2009-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0595"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://launchpad.net/bugs/cve/2009-0367"
},
{
"name": "34236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34236"
},
{
"name": "DSA-1737",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1737"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://launchpad.net/bugs/335089"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0367",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://launchpad.net/bugs/336396",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/336396"
},
{
"name": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog",
"refsource": "CONFIRM",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"name": "https://gna.org/bugs/index.php?13048",
"refsource": "CONFIRM",
"url": "https://gna.org/bugs/index.php?13048"
},
{
"name": "wesnoth-pythonai-code-execution(49058)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49058"
},
{
"name": "http://www.wesnoth.org/forum/viewtopic.php?t=24340",
"refsource": "CONFIRM",
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=24340"
},
{
"name": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog",
"refsource": "CONFIRM",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"name": "http://www.wesnoth.org/forum/viewtopic.php?t=24247",
"refsource": "CONFIRM",
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=24247"
},
{
"name": "34058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34058"
},
{
"name": "ADV-2009-0595",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0595"
},
{
"name": "http://launchpad.net/bugs/cve/2009-0367",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/cve/2009-0367"
},
{
"name": "34236",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34236"
},
{
"name": "DSA-1737",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1737"
},
{
"name": "http://launchpad.net/bugs/335089",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/335089"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0367",
"datePublished": "2009-03-05T02:00:00",
"dateReserved": "2009-01-29T00:00:00",
"dateUpdated": "2024-08-07T04:31:26.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6201 (GCVE-0-2007-6201)
Vulnerability from nvd – Published: 2007-12-01 02:00 – Updated: 2024-08-07 15:54
VLAI?
Summary
Unspecified vulnerability in Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows attackers to cause a denial of service (hang) via a "faulty add-on" and possibly execute other commands via unknown vectors related to the turn_cmd option.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:27.170Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=557098"
},
{
"name": "26625",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26625"
},
{
"name": "wesnoth-turncmd-dos(38751)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38751"
},
{
"name": "27786",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27786"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"
},
{
"name": "ADV-2007-4026",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4026"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows attackers to cause a denial of service (hang) via a \"faulty add-on\" and possibly execute other commands via unknown vectors related to the turn_cmd option."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=557098"
},
{
"name": "26625",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26625"
},
{
"name": "wesnoth-turncmd-dos(38751)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38751"
},
{
"name": "27786",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27786"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"
},
{
"name": "ADV-2007-4026",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4026"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6201",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows attackers to cause a denial of service (hang) via a \"faulty add-on\" and possibly execute other commands via unknown vectors related to the turn_cmd option."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=557098",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=557098"
},
{
"name": "26625",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26625"
},
{
"name": "wesnoth-turncmd-dos(38751)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38751"
},
{
"name": "27786",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27786"
},
{
"name": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289",
"refsource": "CONFIRM",
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"
},
{
"name": "ADV-2007-4026",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4026"
},
{
"name": "http://www.wesnoth.org/forum/viewtopic.php?t=18844",
"refsource": "CONFIRM",
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6201",
"datePublished": "2007-12-01T02:00:00",
"dateReserved": "2007-11-30T00:00:00",
"dateUpdated": "2024-08-07T15:54:27.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5742 (GCVE-0-2007-5742)
Vulnerability from nvd – Published: 2007-12-01 02:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via ".." sequences in unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.744Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "41713",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41713"
},
{
"name": "27920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27920"
},
{
"name": "FEDORA-2007-3989",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=557098"
},
{
"name": "27943",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27943"
},
{
"name": "27786",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27786"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"
},
{
"name": "FEDORA-2007-3986",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00004.html"
},
{
"name": "ADV-2007-4026",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4026"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"
},
{
"name": "wesnoth-wml-directory-traversal(38752)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38752"
},
{
"name": "26626",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26626"
},
{
"name": "DSA-1421",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1421"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via \"..\" sequences in unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "41713",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41713"
},
{
"name": "27920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27920"
},
{
"name": "FEDORA-2007-3989",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=557098"
},
{
"name": "27943",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27943"
},
{
"name": "27786",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27786"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"
},
{
"name": "FEDORA-2007-3986",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00004.html"
},
{
"name": "ADV-2007-4026",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4026"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"
},
{
"name": "wesnoth-wml-directory-traversal(38752)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38752"
},
{
"name": "26626",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26626"
},
{
"name": "DSA-1421",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1421"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5742",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via \"..\" sequences in unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "41713",
"refsource": "OSVDB",
"url": "http://osvdb.org/41713"
},
{
"name": "27920",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27920"
},
{
"name": "FEDORA-2007-3989",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00006.html"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=557098",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=557098"
},
{
"name": "27943",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27943"
},
{
"name": "27786",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27786"
},
{
"name": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289",
"refsource": "CONFIRM",
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"
},
{
"name": "FEDORA-2007-3986",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00004.html"
},
{
"name": "ADV-2007-4026",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4026"
},
{
"name": "http://www.wesnoth.org/forum/viewtopic.php?t=18844",
"refsource": "CONFIRM",
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"
},
{
"name": "wesnoth-wml-directory-traversal(38752)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38752"
},
{
"name": "26626",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26626"
},
{
"name": "DSA-1421",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1421"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5742",
"datePublished": "2007-12-01T02:00:00",
"dateReserved": "2007-10-31T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3917 (GCVE-0-2007-3917)
Vulnerability from nvd – Published: 2007-10-11 10:00 – Updated: 2024-08-07 14:37
VLAI?
Summary
The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service (crash) via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the truncate_message function in server/server.cpp. NOTE: this issue affects both clients and servers.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:05.771Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=256618"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=324841"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18188"
},
{
"name": "41711",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41711"
},
{
"name": "25995",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25995"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/tags/1.2.7/changelog?rev=20982\u0026view=download"
},
{
"name": "27218",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27218"
},
{
"name": "FEDORA-2007-2496",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00194.html"
},
{
"name": "wesnoth-utf8-dos(37047)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37047"
},
{
"name": "27241",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27241"
},
{
"name": "DSA-1386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1386"
},
{
"name": "ADV-2007-3449",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3449"
},
{
"name": "27137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27137"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service (crash) via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the truncate_message function in server/server.cpp. NOTE: this issue affects both clients and servers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=256618"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=324841"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18188"
},
{
"name": "41711",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41711"
},
{
"name": "25995",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25995"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.gna.org/viewcvs/wesnoth/tags/1.2.7/changelog?rev=20982\u0026view=download"
},
{
"name": "27218",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27218"
},
{
"name": "FEDORA-2007-2496",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00194.html"
},
{
"name": "wesnoth-utf8-dos(37047)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37047"
},
{
"name": "27241",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27241"
},
{
"name": "DSA-1386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1386"
},
{
"name": "ADV-2007-3449",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3449"
},
{
"name": "27137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27137"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3917",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service (crash) via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the truncate_message function in server/server.cpp. NOTE: this issue affects both clients and servers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.wesnoth.org/forum/viewtopic.php?p=256618",
"refsource": "CONFIRM",
"url": "http://www.wesnoth.org/forum/viewtopic.php?p=256618"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=324841",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=324841"
},
{
"name": "http://www.wesnoth.org/forum/viewtopic.php?t=18188",
"refsource": "CONFIRM",
"url": "http://www.wesnoth.org/forum/viewtopic.php?t=18188"
},
{
"name": "41711",
"refsource": "OSVDB",
"url": "http://osvdb.org/41711"
},
{
"name": "25995",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25995"
},
{
"name": "http://svn.gna.org/viewcvs/wesnoth/tags/1.2.7/changelog?rev=20982\u0026view=download",
"refsource": "CONFIRM",
"url": "http://svn.gna.org/viewcvs/wesnoth/tags/1.2.7/changelog?rev=20982\u0026view=download"
},
{
"name": "27218",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27218"
},
{
"name": "FEDORA-2007-2496",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00194.html"
},
{
"name": "wesnoth-utf8-dos(37047)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37047"
},
{
"name": "27241",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27241"
},
{
"name": "DSA-1386",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1386"
},
{
"name": "ADV-2007-3449",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3449"
},
{
"name": "27137",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27137"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3917",
"datePublished": "2007-10-11T10:00:00",
"dateReserved": "2007-07-20T00:00:00",
"dateUpdated": "2024-08-07T14:37:05.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}