Lucene search

[email protected]CVE-2007-5742

HistoryDec 01, 2007 - 6:46 a.m.

CVE-2007-5742

2007-12-0106:46:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2007-5742

directory traversal

wml engine

wesnoth

remote attackers

arbitrary files

nvd

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:P/I:P/A:C

6.4 Medium

AI Score

Confidence

Low

0.019 Low

EPSS

Percentile

88.6%

JSON

Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via “…” sequences in unknown vectors.

Affected configurations

NVD

Node

wesnothwesnothMatch0.2.1

wesnothwesnothMatch0.3

wesnothwesnothMatch0.3.1

wesnothwesnothMatch0.3.2

wesnothwesnothMatch0.3.3

wesnothwesnothMatch0.3.4

wesnothwesnothMatch0.4

wesnothwesnothMatch0.4.1

wesnothwesnothMatch0.4.2

wesnothwesnothMatch0.4.3

wesnothwesnothMatch0.4.4

wesnothwesnothMatch0.4.5

wesnothwesnothMatch0.4.6

wesnothwesnothMatch0.4.7

wesnothwesnothMatch0.4.8

wesnothwesnothMatch0.5

wesnothwesnothMatch0.5.1

wesnothwesnothMatch0.6

wesnothwesnothMatch0.6.1

wesnothwesnothMatch0.6.99.1

wesnothwesnothMatch0.6.99.2

wesnothwesnothMatch0.6.99.3

wesnothwesnothMatch0.6.99.4

wesnothwesnothMatch0.6.99.5

wesnothwesnothMatch0.7

wesnothwesnothMatch0.7.1

wesnothwesnothMatch0.7.2

wesnothwesnothMatch0.7.3

wesnothwesnothMatch0.7.4

wesnothwesnothMatch0.7.5

wesnothwesnothMatch0.7.6

wesnothwesnothMatch0.7.7

wesnothwesnothMatch0.7.8

wesnothwesnothMatch0.7.9

wesnothwesnothMatch0.7.10

wesnothwesnothMatch0.7.11

wesnothwesnothMatch0.8

wesnothwesnothMatch0.8.1

wesnothwesnothMatch0.8.2

wesnothwesnothMatch0.8.3

wesnothwesnothMatch0.8.4

wesnothwesnothMatch0.8.5

wesnothwesnothMatch0.8.6

wesnothwesnothMatch0.8.7

wesnothwesnothMatch0.8.8

wesnothwesnothMatch0.8.9

wesnothwesnothMatch0.8.10

wesnothwesnothMatch0.8.11

wesnothwesnothMatch0.9.0

wesnothwesnothMatch0.9.1

wesnothwesnothMatch0.9.2

wesnothwesnothMatch0.9.3

wesnothwesnothMatch0.9.4

wesnothwesnothMatch0.9.5

wesnothwesnothMatch0.9.6

wesnothwesnothMatch0.9.7

wesnothwesnothMatch1.0rcl

wesnothwesnothMatch1.1

wesnothwesnothMatch1.1.1

wesnothwesnothMatch1.1.2

wesnothwesnothMatch1.1.3

wesnothwesnothMatch1.1.4

wesnothwesnothMatch1.1.5

wesnothwesnothMatch1.1.6

wesnothwesnothMatch1.1.7

wesnothwesnothMatch1.1.8

wesnothwesnothMatch1.1.9

wesnothwesnothMatch1.1.10

wesnothwesnothMatch1.1.11

wesnothwesnothMatch1.1.12

wesnothwesnothMatch1.1.13

wesnothwesnothMatch1.1.14

wesnothwesnothMatch1.2

wesnothwesnothMatch1.2.1

wesnothwesnothMatch1.2.2

wesnothwesnothMatch1.2.3

wesnothwesnothMatch1.2.4

wesnothwesnothMatch1.2.5

wesnothwesnothMatch1.2.6

wesnothwesnothMatch1.2.7

wesnothwesnothMatch1.2.8

CPENameOperatorVersion
wesnoth:wesnothwesnotheq0.2.1
wesnoth:wesnothwesnotheq0.3
wesnoth:wesnothwesnotheq0.3.1
wesnoth:wesnothwesnotheq0.3.2
wesnoth:wesnothwesnotheq0.3.3
wesnoth:wesnothwesnotheq0.3.4
wesnoth:wesnothwesnotheq0.4
wesnoth:wesnothwesnotheq0.4.1
wesnoth:wesnothwesnotheq0.4.2
wesnoth:wesnothwesnotheq0.4.3

CPE	Name	Operator	Version
wesnoth:wesnoth	wesnoth	eq	0.2.1
wesnoth:wesnoth	wesnoth	eq	0.3
wesnoth:wesnoth	wesnoth	eq	0.3.1
wesnoth:wesnoth	wesnoth	eq	0.3.2
wesnoth:wesnoth	wesnoth	eq	0.3.3
wesnoth:wesnoth	wesnoth	eq	0.3.4
wesnoth:wesnoth	wesnoth	eq	0.4
wesnoth:wesnoth	wesnoth	eq	0.4.1
wesnoth:wesnoth	wesnoth	eq	0.4.2
wesnoth:wesnoth	wesnoth	eq	0.4.3