CVE-2007-5742

Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via ".." sequences in unknown vectors.

🔗 References (26)

• cve@mitrehttp://osvdb.org/41713
• cve@mitrehttp://secunia.com/advisories/27786
• cve@mitrehttp://secunia.com/advisories/27920
• cve@mitrehttp://secunia.com/advisories/27943
• cve@mitrehttp://sourceforge.net/project/shownotes.php?release_id=557098
• cve@mitrehttp://www.debian.org/security/2007/dsa-1421
• cve@mitrehttp://www.securityfocus.com/bid/26626
• cve@mitrehttp://www.vupen.com/english/advisories/2007/4026
• cve@mitrehttp://www.wesnoth.org/forum/viewtopic.php?p=264289#264289
• cve@mitrehttp://www.wesnoth.org/forum/viewtopic.php?t=18844
• cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/38752
• cve@mitrehttps://www.redhat.com/archives/fedora-package-announce/2007-December/msg00004.html
• cve@mitrehttps://www.redhat.com/archives/fedora-package-announce/2007-December/msg00006.html
• af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/41713
• af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27786