Computer Security
[EN] no-pyccku

wesnoth game multiple security vulnerabilities
SecurityVulns ID:9740
Threat Level:
Description:DoS, code execution.
Affected:WESNOTH : Wesnoth 1.4
 WESNOTH : Wesnoth 1.5
CVE:CVE-2009-0367 (The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module.)
 CVE-2009-0366 (The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth before r33069 allows remote attackers to cause a denial of service via a large compressed WML document.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1737-1] New wesnoth packages fix several vulnerabilities (12.03.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod