Lucene search
RootSSV:4873HistoryMar 05, 2009 - 12:00 a.m.
Battle for Wesnoth PythonAI模块绕过安全限制漏洞
2009-03-0500:00:00
Root
www.seebug.org
10
0.457 Medium
EPSS
Percentile
97.1%
BUGTRAQ ID: 33971
CVE(CAN) ID: CVE-2009-0367
Battle for Wesnoth(韦诺之战)是一款开源的战棋游戏。
Battle for Wesnoth的PythonAI中的某些白名单python模块错误的导入了本应受限制的python模块,如果用户受骗下载并使用了恶意的添加程序的话,就可能绕过沙盒限制执行任意Python代码。
David White Battle for Wesnoth 1.5.x
David White Battle for Wesnoth 1.4.x
厂商补丁:
David White
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
<a href=“http://www.wesnoth.org/” target=“_blank”>http://www.wesnoth.org/</a>
Related
ubuntucve
ubuntucve
CVE-2009-0367
2009-03-05 00:00:00
redhatcve
redhatcve
CVE-2009-0367
2019-10-04 21:11:46
prion
prion
Code injection
2009-03-05 02:30:00
cve
cve
CVE-2009-0367
2009-03-05 02:30:00
debian
debian
[Backports-security-announce] Security Update for wesnoth
2009-02-27 09:30:14
[Backports-security-announce] Security Update for wesnoth
2009-02-27 10:16:46
[SECURITY] [DSA 1737-1] New wesnoth packages fix several vulnerabilities
2009-03-11 15:17:44
nessus
nessus
Debian DSA-1737-1 : wesnoth - several vulnerabilities
2009-03-12 00:00:00
openvas
openvas
Debian Security Advisory DSA 1737-1 (wesnoth)
2009-03-13 00:00:00
Debian: Security Advisory (DSA-1737-1)
2009-03-13 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1737-1] New wesnoth packages fix several vulnerabilities
2009-03-12 00:00:00
wesnoth game multiple security vulnerabilities
2009-03-12 00:00:00
osv
osv
wesnoth - several vulnerabilities
2009-03-11 00:00:00