Detections
Analytics

CVE-2007-5742

high

Description

Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via ".." sequences in unknown vectors.

References

https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00006.html

https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00004.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/38752

http://www.wesnoth.org/forum/viewtopic.php?t=18844

http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289

http://www.vupen.com/english/advisories/2007/4026

http://www.securityfocus.com/bid/26626

http://www.debian.org/security/2007/dsa-1421

http://sourceforge.net/project/shownotes.php?release_id=557098

http://secunia.com/advisories/27943

http://secunia.com/advisories/27920

http://secunia.com/advisories/27786

http://osvdb.org/41713

Details

Source: Mitre, NVD

Published: 2007-12-01

Updated: 2017-07-29

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High