CVE-2007-5742

NameCVE-2007-5742
DescriptionDirectory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via ".." sequences in unknown vectors.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-1421-1, DTSA-90-1
Debian Bugs453500

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
wesnothsourcesarge0.9.0-7DSA-1421-1
wesnothsourceetch1.2-3DSA-1421-1
wesnothsourcelenny1:1.2.7-2+lenny1DTSA-90-1
wesnothsource(unstable)1:1.2.8-1medium453500

Search for package or bug name: Reporting problems