Lucene search

K
nvd[email protected]NVD:CVE-2010-2445
HistoryJul 08, 2010 - 12:54 p.m.

CVE-2010-2445

2010-07-0812:54:47
CWE-78
web.nvd.nist.gov

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.1

Confidence

Low

EPSS

0.004

Percentile

74.0%

freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via a scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8) require modules or functions.

Affected configurations

NVD
Node
freecivfreecivMatch2.2.0
OR
freecivfreecivMatch2.2.0beta1
OR
freecivfreecivMatch2.2.0beta2
OR
freecivfreecivMatch2.2.0beta3
OR
freecivfreecivMatch2.2.0rc1
OR
freecivfreecivMatch2.3.0dev

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.1

Confidence

Low

EPSS

0.004

Percentile

74.0%