25 matches found
EUVD-2015-5085
Malware in sbrugna...
EUVD-2015-5086
Malware in sbrugna...
EUVD-2015-0856
Malware in sbrugna...
The Battle for Wesnoth Project contains a Code Injection that can result in code execution outside the sandbox
...
SUSE CVE-2015-0844
The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted 1 campaign or 2 map file...
SUSE CVE-2018-1999023
The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and play...
CVE-2018-1999023
The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and play...
CVE-2018-1999023
CVE-2018-1999023 affects The Battle for Wesnoth Project versions 1.7.0 through 1.14.3. The vulnerability is a Code Injection flaw in the Lua scripting engine that can lead to code execution outside the sandbox. Exploitation vectors include loading specially-crafted saved games, networked games, r...
CVE-2018-1999023
The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and play...
CVE-2015-5070
The 1 filesystem::getwmllocation function in filesystem.cpp and 2 islegalfile function in filesystemboost.cpp in Battle for Wesnoth before 1.12.4 and 1.13.x before 1.13.1, when a case-insensitive filesystem is used, allow remote attackers to obtain sensitive information via vectors related to...
Design/Logic Flaw
The 1 filesystem::getwmllocation function in filesystem.cpp and 2 islegalfile function in filesystemboost.cpp in Battle for Wesnoth before 1.12.3 and 1.13.x before 1.13.1 allow remote attackers to obtain sensitive information via vectors related to inclusion of .pbl files from WML...
CVE-2015-5070
Removed by vendor...
CVE-2015-5069
Removed by vendor...
CVE-2015-5069
CVE-2015-5069 pertains to the Battle for Wesnoth game. The vulnerability affects versions prior to 1.12.3 and 1.13.x prior to 1.13.1, where two functions (filesystem::get_wml_location in filesystem.cpp and is_legal_file in filesystem_boost.cpp) could allow remote attackers to exfiltrate sensitive...
CVE-2015-5070
The CVE-2015-5070 entry concerns Battle for Wesnoth prior to 1.12.4 and 1.13.x before 1.13.1, where the functions filesystem::get_wml_location (filesystem.cpp) and is_legal_file (filesystem_boost.cpp) on case-insensitive filesystems could disclose sensitive information via vectors related to .pbl...
Mageia: Security Advisory (MGASA-2015-0283)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2015-0282 Updated wesnoth packages fix security vulnerability
Toom Lõhmus discovered that the Lua API and preprocessor in the Battle for Wesnoth game up to version 1.12.2 included could lead to client-side authentication information disclosure using maliciously crafted files with the .pdb extension CVE-2015-5069, CVE-2015-5070. This issue has been fixed usi...
Design/Logic Flaw
The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted 1 campaign or 2 map file...
CVE-2015-0844
The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted 1 campaign or 2 map file...
CVE-2015-0844
The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted 1 campaign or 2 map file...