CVE-2007-5742

NameCVE-2007-5742
DescriptionDirectory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via ".." sequences in unknown vectors.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
ReferencesDSA-1421-1, DTSA-90-1
NVD severityhigh (attack range: remote)
Debian Bugs453500
Debian/oldstablenot known to be vulnerable.
Debian/stablenot known to be vulnerable.
Debian/testingnot known to be vulnerable.
Debian/unstablenot known to be vulnerable.

The information above is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
wesnothsource(unstable)1:1.2.8-1medium453500
wesnothsourceetch1.2-3highDSA-1421-1
wesnothsourcelenny1:1.2.7-2+lenny1highDTSA-90-1
wesnothsourcesarge0.9.0-7highDSA-1421-1

Search for package or bug name: Reporting problems