5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.006 Low
EPSS
Percentile
78.2%
Package : wesnoth-1.8
Version : 1:1.8.5-1+deb6u1
CVE ID : CVE-2015-0844
Ignacio R. Morelle discovered that missing path restrictions in the
"Battle of Wesnoth" game could result in the disclosure of arbitrary
files in the user's home directory if malicious campaigns/maps are
loaded.
For the oldstable distribution (distribution), this problem has been
fixed in version 1:1.8.5-1+deb6u1. See DSA-3218-1 for the versions of
the other releases.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 6 | all | wesnoth-all | < 1:1.8.5-1+deb6u1 | wesnoth-all_1:1.8.5-1+deb6u1_all.deb |
Debian | 6 | all | wesnoth-editor | < 1:1.8.5-1+deb6u1 | wesnoth-editor_1:1.8.5-1+deb6u1_all.deb |
Debian | 6 | all | wesnoth | < 1:1.8.5-1+deb6u1 | wesnoth_1:1.8.5-1+deb6u1_all.deb |
Debian | 6 | all | wesnoth-1.8-nr | < 1:1.8.5-1+deb6u1 | wesnoth-1.8-nr_1:1.8.5-1+deb6u1_all.deb |
Debian | 6 | all | wesnoth-core | < 1:1.8.5-1+deb6u1 | wesnoth-core_1:1.8.5-1+deb6u1_all.deb |
Debian | 6 | all | wesnoth-1.8 | < 1:1.8.5-1+deb6u1 | wesnoth-1.8_1:1.8.5-1+deb6u1_all.deb |
Debian | 6 | all | wesnoth-1.8-httt | < 1:1.8.5-1+deb6u1 | wesnoth-1.8-httt_1:1.8.5-1+deb6u1_all.deb |
Debian | 6 | all | wesnoth-1.8-ttb | < 1:1.8.5-1+deb6u1 | wesnoth-1.8-ttb_1:1.8.5-1+deb6u1_all.deb |
Debian | 6 | all | wesnoth-1.8-thot | < 1:1.8.5-1+deb6u1 | wesnoth-1.8-thot_1:1.8.5-1+deb6u1_all.deb |
Debian | 6 | all | wesnoth-1.8-dbg | < 1:1.8.5-1+deb6u1 | wesnoth-1.8-dbg_1:1.8.5-1+deb6u1_all.deb |