3 results (0.020 seconds)

CVSS: 5.0EPSS: 4%CPEs: 109EXPL: 0

The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a map with a large (1) width or (2) height. La función read_game_map en src/terrain_translation.cpp en Wesnoth anterior a r32987, permite a los atacantes remotos causar una denegación de servicio (consumo de memoria y cuelgue de demonio) a través un mapa con una gran (1) anchura o (2) peso. • http://launchpad.net/bugs/335089 http://launchpad.net/bugs/336396 http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?r2=32987&rev=32987&r1=31859&dir_pagestart=200 http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?rev=33078&dir_pagestart=200&view=log https://exchange.xforce • CWE-399: Resource Management Errors •

CVSS: 4.3EPSS: 2%CPEs: 57EXPL: 0

The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth before r33069 allows remote attackers to cause a denial of service via a large compressed WML document. La función uncompress_buffer en src/server/simple_wml.cpp en Wesnoth anterior a r33069 permite a atacantes remoto provocar una denegación de servicio a través de un documento WML de gran tamaño comprimido. • http://launchpad.net/bugs/335089 http://launchpad.net/bugs/336396 http://launchpad.net/bugs/cve/2009-0366 http://osvdb.org/52672 http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog http://secunia.com/advisories/34236 http://secunia.com/advisories/34253 http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069&r1=32990&r2=33069&# • CWE-399: Resource Management Errors •

CVSS: 9.0EPSS: 1%CPEs: 81EXPL: 0

Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via ".." sequences in unknown vectors. Una vulnerabilidad de salto de directorio en el preprocesador del motor WML para Wesnoth versiones 1.2.x anteriores a 1.2.8 y versiones 1.3.x anteriores a 1.3.12, permite a atacantes remotos leer archivos arbitrarios por medio de secuencias ".." en vectores desconocidos. • http://osvdb.org/41713 http://secunia.com/advisories/27786 http://secunia.com/advisories/27920 http://secunia.com/advisories/27943 http://sourceforge.net/project/shownotes.php?release_id=557098 http://www.debian.org/security/2007/dsa-1421 http://www.securityfocus.com/bid/26626 http://www.vupen.com/english/advisories/2007/4026 http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289 http://www.wesnoth.org/forum/viewtopic.php?t=18844 https://exchange.xforce.ibmcloud.com&# • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •