Computer Security
[EN] securityvulns.ru no-pyccku


freeciv unauthorized access
Published:16.10.2010
Source:
SecurityVulns ID:11202
Type:client
Threat Level:
5/10
Description:It's possible to access files and execute commands via scenario.
Affected:FREECIV : freeciv 2.2
 FREECIV : freeciv 2.3
CVE:CVE-2010-2445 (freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via a scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8) require modules or functions.)
Original documentdocumentMANDRIVA, [ MDVSA-2010:205 ] freeciv (16.10.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod