CVE-2007-5742 Information

Description

Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8 and 1.3.x before 1.3.12 allows remote attackers to read arbitrary files via ..\ sequences in unknown vectors.

Reference

http://osvdb.org/41713 http://secunia.com/advisories/27786 http://secunia.com/advisories/27920 http://secunia.com/advisories/27943 http://sourceforge.net/project/shownotes.php?release_id=557098 http://www.debian.org/security/2007/dsa-1421 http://www.securityfocus.com/bid/26626 http://www.vupen.com/english/advisories/2007/4026 http://www.wesnoth.org/forum/viewtopic.php?p=264289264289 http://www.wesnoth.org/forum/viewtopic.php?t=18844 https://exchange.xforce.ibmcloud.com/vulnerabilities/38752 https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00004.html https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00006.html