CVE 2007-5742
Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via ".." sequences in unknown vectors.
Related bugs and status
CVE-2007-5742 (Candidate) is related to these bugs:
Bug #172783: wesnoth exploit allows others to view the content of files on a remote computer
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
172783 | wesnoth exploit allows others to view the content of files on a remote computer | wesnoth (Ubuntu) | High | Fix Released | ||
172783 | wesnoth exploit allows others to view the content of files on a remote computer | wesnoth (Ubuntu Gutsy) | High | Fix Released | ||
172783 | wesnoth exploit allows others to view the content of files on a remote computer | wesnoth (Ubuntu Feisty) | High | Fix Released | ||
172783 | wesnoth exploit allows others to view the content of files on a remote computer | wesnoth (Ubuntu Dapper) | Undecided | Fix Released | ||
172783 | wesnoth exploit allows others to view the content of files on a remote computer | wesnoth (Ubuntu Edgy) | Undecided | Fix Released |
Bug #173881: the option "turn_cmd" can stall a computer or maybe start another application
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
173881 | the option "turn_cmd" can stall a computer or maybe start another application | wesnoth (Ubuntu) | Undecided | Fix Released | ||
173881 | the option "turn_cmd" can stall a computer or maybe start another application | wesnoth (Ubuntu Edgy) | Undecided | Fix Released | ||
173881 | the option "turn_cmd" can stall a computer or maybe start another application | wesnoth (Ubuntu Gutsy) | Undecided | Fix Released | ||
173881 | the option "turn_cmd" can stall a computer or maybe start another application | wesnoth (Ubuntu Feisty) | Undecided | Fix Released | ||
173881 | the option "turn_cmd" can stall a computer or maybe start another application | wesnoth (Ubuntu Dapper) | Undecided | Fix Released |
See the
CVE page on Mitre.org
for more details.