Search
Find a vulnerability
Search criteria
6 vulnerabilities found for battle_for_wesnoth by wesnoth
CVE-2015-5070 (GCVE-0-2015-5070)
Vulnerability from nvd – Published: 2017-09-26 14:00 – Updated: 2024-08-06 06:32
VLAI
Summary
The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.4 and 1.13.x before 1.13.1, when a case-insensitive filesystem is used, allow remote attackers to obtain sensitive information via vectors related to inclusion of .pbl files from WML. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-5069.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/75425 | vdb-entryx_refsource_BID |
| https://github.com/wesnoth/wesnoth/commit/b2738ff… | x_refsource_CONFIRM |
| https://github.com/wesnoth/wesnoth/releases/tag/1.13.1 | x_refsource_CONFIRM |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| https://bugzilla.redhat.com/show_bug.cgi?id=1236010 | x_refsource_CONFIRM |
| https://github.com/wesnoth/wesnoth/releases/tag/1.12.4 | x_refsource_CONFIRM |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| https://gna.org/bugs/?23504 | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2015/0… | mailing-listx_refsource_MLIST |
Date Public
2015-06-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:32:32.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "75425",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75425"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wesnoth/wesnoth/commit/b2738ffb2fdd2550ececb74f76f75583c43c8b59"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.13.1"
},
{
"name": "FEDORA-2015-10964",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161752.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236010"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.12.4"
},
{
"name": "FEDORA-2015-10973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161722.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gna.org/bugs/?23504"
},
{
"name": "[oss-security] 20150625 Re: CVE request: Wesnoth authentication information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/06/25/12"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.4 and 1.13.x before 1.13.1, when a case-insensitive filesystem is used, allow remote attackers to obtain sensitive information via vectors related to inclusion of .pbl files from WML. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-5069."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-26T13:57:02.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "75425",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75425"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wesnoth/wesnoth/commit/b2738ffb2fdd2550ececb74f76f75583c43c8b59"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.13.1"
},
{
"name": "FEDORA-2015-10964",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161752.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236010"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.12.4"
},
{
"name": "FEDORA-2015-10973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161722.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gna.org/bugs/?23504"
},
{
"name": "[oss-security] 20150625 Re: CVE request: Wesnoth authentication information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/06/25/12"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5070",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.4 and 1.13.x before 1.13.1, when a case-insensitive filesystem is used, allow remote attackers to obtain sensitive information via vectors related to inclusion of .pbl files from WML. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-5069."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75425",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75425"
},
{
"name": "https://github.com/wesnoth/wesnoth/commit/b2738ffb2fdd2550ececb74f76f75583c43c8b59",
"refsource": "CONFIRM",
"url": "https://github.com/wesnoth/wesnoth/commit/b2738ffb2fdd2550ececb74f76f75583c43c8b59"
},
{
"name": "https://github.com/wesnoth/wesnoth/releases/tag/1.13.1",
"refsource": "CONFIRM",
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.13.1"
},
{
"name": "FEDORA-2015-10964",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161752.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1236010",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236010"
},
{
"name": "https://github.com/wesnoth/wesnoth/releases/tag/1.12.4",
"refsource": "CONFIRM",
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.12.4"
},
{
"name": "FEDORA-2015-10973",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161722.html"
},
{
"name": "https://gna.org/bugs/?23504",
"refsource": "MISC",
"url": "https://gna.org/bugs/?23504"
},
{
"name": "[oss-security] 20150625 Re: CVE request: Wesnoth authentication information disclosure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/25/12"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-5070",
"datePublished": "2017-09-26T14:00:00.000Z",
"dateReserved": "2015-06-25T00:00:00.000Z",
"dateUpdated": "2024-08-06T06:32:32.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5069 (GCVE-0-2015-5069)
Vulnerability from nvd – Published: 2017-09-26 14:00 – Updated: 2024-08-06 06:32
VLAI
Summary
The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.3 and 1.13.x before 1.13.1 allow remote attackers to obtain sensitive information via vectors related to inclusion of .pbl files from WML.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://github.com/wesnoth/wesnoth/releases/tag/1.13.1 | x_refsource_CONFIRM |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| https://bugzilla.redhat.com/show_bug.cgi?id=1236010 | x_refsource_CONFIRM |
| https://github.com/wesnoth/wesnoth/commit/f891446… | x_refsource_CONFIRM |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| https://gna.org/bugs/?23504 | x_refsource_MISC |
| http://www.securityfocus.com/bid/75424 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2015/0… | mailing-listx_refsource_MLIST |
| https://github.com/wesnoth/wesnoth/releases/tag/1.12.3 | x_refsource_CONFIRM |
Date Public
2015-06-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:32:32.740Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.13.1"
},
{
"name": "FEDORA-2015-10964",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161752.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236010"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wesnoth/wesnoth/commit/f8914468182e8d0a1551b430c0879ba236fe4d6d"
},
{
"name": "FEDORA-2015-10973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161722.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gna.org/bugs/?23504"
},
{
"name": "75424",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75424"
},
{
"name": "[oss-security] 20150625 Re: CVE request: Wesnoth authentication information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/06/25/12"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.12.3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.3 and 1.13.x before 1.13.1 allow remote attackers to obtain sensitive information via vectors related to inclusion of .pbl files from WML."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-26T13:57:02.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.13.1"
},
{
"name": "FEDORA-2015-10964",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161752.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236010"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wesnoth/wesnoth/commit/f8914468182e8d0a1551b430c0879ba236fe4d6d"
},
{
"name": "FEDORA-2015-10973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161722.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gna.org/bugs/?23504"
},
{
"name": "75424",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75424"
},
{
"name": "[oss-security] 20150625 Re: CVE request: Wesnoth authentication information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/06/25/12"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.12.3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5069",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.3 and 1.13.x before 1.13.1 allow remote attackers to obtain sensitive information via vectors related to inclusion of .pbl files from WML."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/wesnoth/wesnoth/releases/tag/1.13.1",
"refsource": "CONFIRM",
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.13.1"
},
{
"name": "FEDORA-2015-10964",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161752.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1236010",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236010"
},
{
"name": "https://github.com/wesnoth/wesnoth/commit/f8914468182e8d0a1551b430c0879ba236fe4d6d",
"refsource": "CONFIRM",
"url": "https://github.com/wesnoth/wesnoth/commit/f8914468182e8d0a1551b430c0879ba236fe4d6d"
},
{
"name": "FEDORA-2015-10973",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161722.html"
},
{
"name": "https://gna.org/bugs/?23504",
"refsource": "MISC",
"url": "https://gna.org/bugs/?23504"
},
{
"name": "75424",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75424"
},
{
"name": "[oss-security] 20150625 Re: CVE request: Wesnoth authentication information disclosure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/25/12"
},
{
"name": "https://github.com/wesnoth/wesnoth/releases/tag/1.12.3",
"refsource": "CONFIRM",
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.12.3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-5069",
"datePublished": "2017-09-26T14:00:00.000Z",
"dateReserved": "2015-06-25T00:00:00.000Z",
"dateUpdated": "2024-08-06T06:32:32.740Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0844 (GCVE-0-2015-0844)
Vulnerability from nvd – Published: 2015-04-14 18:00 – Updated: 2024-08-06 04:26
VLAI
Summary
The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted (1) campaign or (2) map file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.debian.org/security/2015/dsa-3218 | vendor-advisoryx_refsource_DEBIAN |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://forums.wesnoth.org/viewtopic.php?t=41872 | x_refsource_CONFIRM |
| http://forums.wesnoth.org/viewtopic.php?t=41870 | x_refsource_CONFIRM |
Date Public
2015-04-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:10.430Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2015-6295",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156001.html"
},
{
"name": "DSA-3218",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3218"
},
{
"name": "FEDORA-2015-6108",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155031.html"
},
{
"name": "FEDORA-2015-6280",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155968.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.wesnoth.org/viewtopic.php?t=41872"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.wesnoth.org/viewtopic.php?t=41870"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted (1) campaign or (2) map file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-04T20:57:00.000Z",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "FEDORA-2015-6295",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156001.html"
},
{
"name": "DSA-3218",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3218"
},
{
"name": "FEDORA-2015-6108",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155031.html"
},
{
"name": "FEDORA-2015-6280",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155968.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.wesnoth.org/viewtopic.php?t=41872"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.wesnoth.org/viewtopic.php?t=41870"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2015-0844",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted (1) campaign or (2) map file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2015-6295",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156001.html"
},
{
"name": "DSA-3218",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3218"
},
{
"name": "FEDORA-2015-6108",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155031.html"
},
{
"name": "FEDORA-2015-6280",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155968.html"
},
{
"name": "http://forums.wesnoth.org/viewtopic.php?t=41872",
"refsource": "CONFIRM",
"url": "http://forums.wesnoth.org/viewtopic.php?t=41872"
},
{
"name": "http://forums.wesnoth.org/viewtopic.php?t=41870",
"refsource": "CONFIRM",
"url": "http://forums.wesnoth.org/viewtopic.php?t=41870"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2015-0844",
"datePublished": "2015-04-14T18:00:00.000Z",
"dateReserved": "2015-01-07T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:26:10.430Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5070 (GCVE-0-2015-5070)
Vulnerability from cvelistv5 – Published: 2017-09-26 14:00 – Updated: 2024-08-06 06:32
VLAI
Summary
The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.4 and 1.13.x before 1.13.1, when a case-insensitive filesystem is used, allow remote attackers to obtain sensitive information via vectors related to inclusion of .pbl files from WML. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-5069.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/75425 | vdb-entryx_refsource_BID |
| https://github.com/wesnoth/wesnoth/commit/b2738ff… | x_refsource_CONFIRM |
| https://github.com/wesnoth/wesnoth/releases/tag/1.13.1 | x_refsource_CONFIRM |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| https://bugzilla.redhat.com/show_bug.cgi?id=1236010 | x_refsource_CONFIRM |
| https://github.com/wesnoth/wesnoth/releases/tag/1.12.4 | x_refsource_CONFIRM |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| https://gna.org/bugs/?23504 | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2015/0… | mailing-listx_refsource_MLIST |
Date Public
2015-06-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:32:32.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "75425",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75425"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wesnoth/wesnoth/commit/b2738ffb2fdd2550ececb74f76f75583c43c8b59"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.13.1"
},
{
"name": "FEDORA-2015-10964",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161752.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236010"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.12.4"
},
{
"name": "FEDORA-2015-10973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161722.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gna.org/bugs/?23504"
},
{
"name": "[oss-security] 20150625 Re: CVE request: Wesnoth authentication information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/06/25/12"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.4 and 1.13.x before 1.13.1, when a case-insensitive filesystem is used, allow remote attackers to obtain sensitive information via vectors related to inclusion of .pbl files from WML. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-5069."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-26T13:57:02.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "75425",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75425"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wesnoth/wesnoth/commit/b2738ffb2fdd2550ececb74f76f75583c43c8b59"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.13.1"
},
{
"name": "FEDORA-2015-10964",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161752.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236010"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.12.4"
},
{
"name": "FEDORA-2015-10973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161722.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gna.org/bugs/?23504"
},
{
"name": "[oss-security] 20150625 Re: CVE request: Wesnoth authentication information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/06/25/12"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5070",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.4 and 1.13.x before 1.13.1, when a case-insensitive filesystem is used, allow remote attackers to obtain sensitive information via vectors related to inclusion of .pbl files from WML. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-5069."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75425",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75425"
},
{
"name": "https://github.com/wesnoth/wesnoth/commit/b2738ffb2fdd2550ececb74f76f75583c43c8b59",
"refsource": "CONFIRM",
"url": "https://github.com/wesnoth/wesnoth/commit/b2738ffb2fdd2550ececb74f76f75583c43c8b59"
},
{
"name": "https://github.com/wesnoth/wesnoth/releases/tag/1.13.1",
"refsource": "CONFIRM",
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.13.1"
},
{
"name": "FEDORA-2015-10964",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161752.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1236010",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236010"
},
{
"name": "https://github.com/wesnoth/wesnoth/releases/tag/1.12.4",
"refsource": "CONFIRM",
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.12.4"
},
{
"name": "FEDORA-2015-10973",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161722.html"
},
{
"name": "https://gna.org/bugs/?23504",
"refsource": "MISC",
"url": "https://gna.org/bugs/?23504"
},
{
"name": "[oss-security] 20150625 Re: CVE request: Wesnoth authentication information disclosure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/25/12"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-5070",
"datePublished": "2017-09-26T14:00:00.000Z",
"dateReserved": "2015-06-25T00:00:00.000Z",
"dateUpdated": "2024-08-06T06:32:32.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5069 (GCVE-0-2015-5069)
Vulnerability from cvelistv5 – Published: 2017-09-26 14:00 – Updated: 2024-08-06 06:32
VLAI
Summary
The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.3 and 1.13.x before 1.13.1 allow remote attackers to obtain sensitive information via vectors related to inclusion of .pbl files from WML.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://github.com/wesnoth/wesnoth/releases/tag/1.13.1 | x_refsource_CONFIRM |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| https://bugzilla.redhat.com/show_bug.cgi?id=1236010 | x_refsource_CONFIRM |
| https://github.com/wesnoth/wesnoth/commit/f891446… | x_refsource_CONFIRM |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| https://gna.org/bugs/?23504 | x_refsource_MISC |
| http://www.securityfocus.com/bid/75424 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2015/0… | mailing-listx_refsource_MLIST |
| https://github.com/wesnoth/wesnoth/releases/tag/1.12.3 | x_refsource_CONFIRM |
Date Public
2015-06-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:32:32.740Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.13.1"
},
{
"name": "FEDORA-2015-10964",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161752.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236010"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wesnoth/wesnoth/commit/f8914468182e8d0a1551b430c0879ba236fe4d6d"
},
{
"name": "FEDORA-2015-10973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161722.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gna.org/bugs/?23504"
},
{
"name": "75424",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75424"
},
{
"name": "[oss-security] 20150625 Re: CVE request: Wesnoth authentication information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/06/25/12"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.12.3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.3 and 1.13.x before 1.13.1 allow remote attackers to obtain sensitive information via vectors related to inclusion of .pbl files from WML."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-26T13:57:02.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.13.1"
},
{
"name": "FEDORA-2015-10964",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161752.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236010"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wesnoth/wesnoth/commit/f8914468182e8d0a1551b430c0879ba236fe4d6d"
},
{
"name": "FEDORA-2015-10973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161722.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gna.org/bugs/?23504"
},
{
"name": "75424",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75424"
},
{
"name": "[oss-security] 20150625 Re: CVE request: Wesnoth authentication information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/06/25/12"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.12.3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5069",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.3 and 1.13.x before 1.13.1 allow remote attackers to obtain sensitive information via vectors related to inclusion of .pbl files from WML."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/wesnoth/wesnoth/releases/tag/1.13.1",
"refsource": "CONFIRM",
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.13.1"
},
{
"name": "FEDORA-2015-10964",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161752.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1236010",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236010"
},
{
"name": "https://github.com/wesnoth/wesnoth/commit/f8914468182e8d0a1551b430c0879ba236fe4d6d",
"refsource": "CONFIRM",
"url": "https://github.com/wesnoth/wesnoth/commit/f8914468182e8d0a1551b430c0879ba236fe4d6d"
},
{
"name": "FEDORA-2015-10973",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161722.html"
},
{
"name": "https://gna.org/bugs/?23504",
"refsource": "MISC",
"url": "https://gna.org/bugs/?23504"
},
{
"name": "75424",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75424"
},
{
"name": "[oss-security] 20150625 Re: CVE request: Wesnoth authentication information disclosure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/25/12"
},
{
"name": "https://github.com/wesnoth/wesnoth/releases/tag/1.12.3",
"refsource": "CONFIRM",
"url": "https://github.com/wesnoth/wesnoth/releases/tag/1.12.3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-5069",
"datePublished": "2017-09-26T14:00:00.000Z",
"dateReserved": "2015-06-25T00:00:00.000Z",
"dateUpdated": "2024-08-06T06:32:32.740Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0844 (GCVE-0-2015-0844)
Vulnerability from cvelistv5 – Published: 2015-04-14 18:00 – Updated: 2024-08-06 04:26
VLAI
Summary
The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted (1) campaign or (2) map file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.debian.org/security/2015/dsa-3218 | vendor-advisoryx_refsource_DEBIAN |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://forums.wesnoth.org/viewtopic.php?t=41872 | x_refsource_CONFIRM |
| http://forums.wesnoth.org/viewtopic.php?t=41870 | x_refsource_CONFIRM |
Date Public
2015-04-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:10.430Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2015-6295",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156001.html"
},
{
"name": "DSA-3218",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3218"
},
{
"name": "FEDORA-2015-6108",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155031.html"
},
{
"name": "FEDORA-2015-6280",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155968.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.wesnoth.org/viewtopic.php?t=41872"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.wesnoth.org/viewtopic.php?t=41870"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted (1) campaign or (2) map file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-04T20:57:00.000Z",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "FEDORA-2015-6295",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156001.html"
},
{
"name": "DSA-3218",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3218"
},
{
"name": "FEDORA-2015-6108",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155031.html"
},
{
"name": "FEDORA-2015-6280",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155968.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.wesnoth.org/viewtopic.php?t=41872"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.wesnoth.org/viewtopic.php?t=41870"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2015-0844",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted (1) campaign or (2) map file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2015-6295",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156001.html"
},
{
"name": "DSA-3218",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3218"
},
{
"name": "FEDORA-2015-6108",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155031.html"
},
{
"name": "FEDORA-2015-6280",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155968.html"
},
{
"name": "http://forums.wesnoth.org/viewtopic.php?t=41872",
"refsource": "CONFIRM",
"url": "http://forums.wesnoth.org/viewtopic.php?t=41872"
},
{
"name": "http://forums.wesnoth.org/viewtopic.php?t=41870",
"refsource": "CONFIRM",
"url": "http://forums.wesnoth.org/viewtopic.php?t=41870"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2015-0844",
"datePublished": "2015-04-14T18:00:00.000Z",
"dateReserved": "2015-01-07T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:26:10.430Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}