CVE-2009-0366
https://notcve.org/view.php?id=CVE-2009-0366
The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth before r33069 allows remote attackers to cause a denial of service via a large compressed WML document. La función uncompress_buffer en src/server/simple_wml.cpp en Wesnoth anterior a r33069 permite a atacantes remoto provocar una denegación de servicio a través de un documento WML de gran tamaño comprimido. • http://launchpad.net/bugs/335089 http://launchpad.net/bugs/336396 http://launchpad.net/bugs/cve/2009-0366 http://osvdb.org/52672 http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog http://secunia.com/advisories/34236 http://secunia.com/advisories/34253 http://svn.gna.org/viewcvs/wesnoth/trunk/src/server/simple_wml.cpp?rev=33069&r1=32990&r2=33069 • CWE-399: Resource Management Errors •
CVE-2009-0367 – Wesnoth 1.x - PythonAI Remote Code Execution
https://notcve.org/view.php?id=CVE-2009-0367
The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module. El módulo Python AI de Wesnoth v1.4.x y v1.5 anterior a v1.5.11, permite a atacantes remotos escapar del sandbox -cajón de arena- y ejecutar código de su elección utilizando un módulo de lista blanca que importa un módulo no seguro, después la usar el nombre de un módulo jerárquico para acceder a un módulo no seguro a través del módulo de lista blanca. • https://www.exploit-db.com/exploits/32837 http://launchpad.net/bugs/335089 http://launchpad.net/bugs/336396 http://launchpad.net/bugs/cve/2009-0367 http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog http://secunia.com/advisories/34058 http://secunia.com/advisories/34236 http://www.debian.org/security/2009/dsa-1737 http://www.vupen.com/english • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2007-5742
https://notcve.org/view.php?id=CVE-2007-5742
Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via ".." sequences in unknown vectors. Una vulnerabilidad de salto de directorio en el preprocesador del motor WML para Wesnoth versiones 1.2.x anteriores a 1.2.8 y versiones 1.3.x anteriores a 1.3.12, permite a atacantes remotos leer archivos arbitrarios por medio de secuencias ".." en vectores desconocidos. • http://osvdb.org/41713 http://secunia.com/advisories/27786 http://secunia.com/advisories/27920 http://secunia.com/advisories/27943 http://sourceforge.net/project/shownotes.php?release_id=557098 http://www.debian.org/security/2007/dsa-1421 http://www.securityfocus.com/bid/26626 http://www.vupen.com/english/advisories/2007/4026 http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289 http://www.wesnoth.org/forum/viewtopic.php?t=18844 https://exchange.xforce.ibmcloud.com • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2007-6201
https://notcve.org/view.php?id=CVE-2007-6201
Unspecified vulnerability in Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows attackers to cause a denial of service (hang) via a "faulty add-on" and possibly execute other commands via unknown vectors related to the turn_cmd option. Una vulnerabilidad no especificada en Wesnoth versiones 1.2.x anteriores a 1.2.8 y versiones 1.3.x anteriores a 1.3.12, permite a atacantes causar una denegación de servicio (bloqueo) por medio de un "faulty add-on" y probablemente ejecutar otros comandos por medio de vectores desconocidos relacionados con la opción turn_cmd. • http://secunia.com/advisories/27786 http://sourceforge.net/project/shownotes.php?release_id=557098 http://www.securityfocus.com/bid/26625 http://www.vupen.com/english/advisories/2007/4026 http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289 http://www.wesnoth.org/forum/viewtopic.php?t=18844 https://exchange.xforce.ibmcloud.com/vulnerabilities/38751 •
CVE-2007-3917
https://notcve.org/view.php?id=CVE-2007-3917
The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service (crash) via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the truncate_message function in server/server.cpp. NOTE: this issue affects both clients and servers. El motor multijugador en Wesnoth versiones 1.2.x anteriores a 1.2.7 y versiones 1.3.x anteriores a 1.3.9, permite a los servidores remotos causar una denegación de servicio (bloqueo) por medio de un mensaje largo con caracteres multibyte que puede producir una cadena UTF-8 no válida después que está truncado, lo que desencadena una excepción no detectada, que involucra la función truncate_message en el archivo server/server.cpp. NOTA: este problema afecta tanto a los clientes como a los servidores. • http://osvdb.org/41711 http://secunia.com/advisories/27137 http://secunia.com/advisories/27218 http://secunia.com/advisories/27241 http://svn.gna.org/viewcvs/wesnoth/tags/1.2.7/changelog?rev=20982&view=download http://www.debian.org/security/2007/dsa-1386 http://www.securityfocus.com/bid/25995 http://www.vupen.com/english/advisories/2007/3449 http://www.wesnoth.org/forum/viewtopic.php?p=256618 http://www.wesnoth.org/forum/viewtopic.php?t=18188 https://bugzilla& • CWE-134: Use of Externally-Controlled Format String •