Wesnoth Battle for Wesnoth 1.9.14

CPE Details

Wesnoth Battle for Wesnoth 1.9.14
wesnoth
battle_for_wesnoth
1.9.14
2015-04-15
17h59 +00:00
2015-04-22
13h07 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:wesnoth:battle_for_wesnoth:1.9.14:*:*:*:*:*:*:*

Informations

Vendor

wesnoth

Product

battle_for_wesnoth

Version

1.9.14

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2015-5069 2017-09-26 12h00 +00:00 The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.3 and 1.13.x before 1.13.1 allow remote attackers to obtain sensitive information via vectors related to inclusion of .pbl files from WML.
4.3
Medium
CVE-2015-5070 2017-09-26 12h00 +00:00 The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.4 and 1.13.x before 1.13.1, when a case-insensitive filesystem is used, allow remote attackers to obtain sensitive information via vectors related to inclusion of .pbl files from WML. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-5069.
3.1
Low
CVE-2015-0844 2015-04-14 16h00 +00:00 The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted (1) campaign or (2) map file.
5
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.