{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-11-27T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via \"..\" sequences in unknown vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "41713", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/41713"}, {"name": "27920", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27920"}, {"name": "FEDORA-2007-3989", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00006.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceforge.net/project/shownotes.php?release_id=557098"}, {"name": "27943", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27943"}, {"name": "27786", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27786"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"}, {"name": "FEDORA-2007-3986", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00004.html"}, {"name": "ADV-2007-4026", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/4026"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"}, {"name": "wesnoth-wml-directory-traversal(38752)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38752"}, {"name": "26626", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26626"}, {"name": "DSA-1421", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2007/dsa-1421"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5742", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via \"..\" sequences in unknown vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "41713", "refsource": "OSVDB", "url": "http://osvdb.org/41713"}, {"name": "27920", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27920"}, {"name": "FEDORA-2007-3989", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00006.html"}, {"name": "http://sourceforge.net/project/shownotes.php?release_id=557098", "refsource": "CONFIRM", "url": "http://sourceforge.net/project/shownotes.php?release_id=557098"}, {"name": "27943", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27943"}, {"name": "27786", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27786"}, {"name": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289", "refsource": "CONFIRM", "url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"}, {"name": "FEDORA-2007-3986", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00004.html"}, {"name": "ADV-2007-4026", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/4026"}, {"name": "http://www.wesnoth.org/forum/viewtopic.php?t=18844", "refsource": "CONFIRM", "url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"}, {"name": "wesnoth-wml-directory-traversal(38752)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38752"}, {"name": "26626", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26626"}, {"name": "DSA-1421", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2007/dsa-1421"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:39:13.744Z"}, "title": "CVE Program Container", "references": [{"name": "41713", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/41713"}, {"name": "27920", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27920"}, {"name": "FEDORA-2007-3989", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00006.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://sourceforge.net/project/shownotes.php?release_id=557098"}, {"name": "27943", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27943"}, {"name": "27786", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27786"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"}, {"name": "FEDORA-2007-3986", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00004.html"}, {"name": "ADV-2007-4026", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/4026"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"}, {"name": "wesnoth-wml-directory-traversal(38752)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38752"}, {"name": "26626", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/26626"}, {"name": "DSA-1421", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2007/dsa-1421"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5742", "datePublished": "2007-12-01T02:00:00", "dateReserved": "2007-10-31T00:00:00", "dateUpdated": "2024-08-07T15:39:13.744Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E259B064-C2F5-4F09-B07A-B7765D0EA033", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F5EAE3A3-21AD-40DE-99C7-F5756C1E86E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "950BB8F3-CD18-4EF9-9D62-23FB26ACDD73", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "4987B9D2-193E-4AA6-99B1-DD2698E63B79", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "B05F8A92-DA97-4B1B-8F58-69919C52E312", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "02B29F51-C8BB-4AB9-9CEC-D4E0E21185DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "B9422C5B-1D98-437D-871C-DE144B8D5968", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FBD6D024-A80D-4A34-ADEC-369500E0B398", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "AE312CA7-1856-400C-A391-B50F75206200", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "F6CFECF2-1447-41DA-AEE4-14E70154FA48", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "B1215EED-6612-45BC-B51C-A6E4E2BE39EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "36D273E0-A46A-414F-AD0E-0CBE6D8A666D", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "C6E777D3-E4B8-44BC-9ECD-D903C9AA1D81", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "2A43ED90-061D-456A-8C7D-89F1A229BAED", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "DA97E3DE-5157-496C-B676-09598EB1ABAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "648E0AD0-6E97-4973-8E58-CA9EE883C2A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "57B7E333-AC80-4CA7-9D92-B34A17D16CDC", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "55B877EC-E02B-40D1-9118-0867D5CAF91F", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "CA0241E3-6747-4FCF-AD27-A079C0F19DED", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6.99.1:*:*:*:*:*:*:*", "matchCriteriaId": "D0B58DBF-035B-42F7-9B6E-47E2A997DD11", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6.99.2:*:*:*:*:*:*:*", "matchCriteriaId": "87FE42CE-1F4F-4D81-8476-F45081712C7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6.99.3:*:*:*:*:*:*:*", "matchCriteriaId": "C4CA6870-27A8-4B26-A868-3D962D992332", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6.99.4:*:*:*:*:*:*:*", "matchCriteriaId": "E2853429-C12F-4307-97E8-6C38EE70E304", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.6.99.5:*:*:*:*:*:*:*", "matchCriteriaId": "34A3D3FE-698A-4C52-AB2A-7E8C1B638051", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "4058C550-F2A8-4111-8F84-1E9E84A3D7CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "F728B1C9-E5A9-462B-ADAF-DADE7F46EA21", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "C1B008FA-0450-4F14-8BAC-691B02A3B22F", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "B4611D18-F34F-45FF-B5BC-905A34910E58", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "16DFBE2B-D7F5-4B2E-8156-563A66B5E861", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "30008245-2643-44AE-B20A-63D00FE48E82", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "08B302AF-B0E4-44AD-A26D-F0BBFFE79C71", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "15528F7F-9927-4A50-9DF8-D40793FCCA5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "41E06FBF-1AA7-4B55-AE1C-113D6A3990A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.9:*:*:*:*:*:*:*", "matchCriteriaId": "EBF41356-8F02-495A-B6E2-7E0AA23B89DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "730B766C-8B47-425C-A612-120989BC4E0A", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.7.11:*:*:*:*:*:*:*", "matchCriteriaId": "4770E27E-893D-4AE1-850B-F5405770233F", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "0C405A91-95C3-479B-96E2-F37A1B4FCC17", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "7B91CAED-E15B-4CDF-83A7-C31F9CE683E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "D41E8097-6464-4AB5-AB8C-E7936EAB3CE5", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "ABB70E7A-795E-4A7E-91CA-781F98CC9FF2", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "429500DC-7592-4870-9360-94D3699F8ABE", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "CAD8D11F-F24C-4538-AD78-A9D7481C5EC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "62B6E6EB-4CDE-439F-9FF3-DF2CA75D17CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "AAA4EF0F-222E-4165-BA39-FC8CC0A61147", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "3F32426F-86F8-44BC-BB0A-DB530372CF6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.9:*:*:*:*:*:*:*", "matchCriteriaId": "9E4C50CF-91C8-4990-8405-C7309910A353", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.10:*:*:*:*:*:*:*", "matchCriteriaId": "3C90456F-96E6-4B6B-A61A-926E01CC9C07", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.8.11:*:*:*:*:*:*:*", "matchCriteriaId": "BE039E74-555F-4F9B-BB9E-05C7709E03E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "B157A699-B2A2-4E95-AB0E-A4607EFDAF71", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "ECE4FB8D-EB9C-43CF-8447-39F528DB841D", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "E6838344-84D6-41C7-A875-C915D955E323", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "7407AE95-4ADA-486E-B1FC-3282683F84B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "8AAE5D43-38CD-4F0F-89F7-03358D47A23B", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "71453BBF-B911-483C-9F44-0D3D9053EA60", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "04B09BA0-35F2-43E7-8E2B-6EE03844A7D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "B378A8D9-86F7-4906-8B49-5145F3A31686", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.0rcl:*:*:*:*:*:*:*", "matchCriteriaId": "6056DDDC-A194-4A30-B7E0-8BA912D9A466", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "6FB817AC-44E4-41CD-BD03-7B5907243FED", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "BBDC2E2D-581C-4B8C-8DB1-2B34A22C1788", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "BDB9B969-9AEA-47B8-A2C1-D951DA5A6D90", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "B3ECAC12-E14D-47F6-853C-758584EB4E29", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "EF2E47D5-D0F1-4FC4-BC1C-9964BE85741D", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "CAFC79CA-F9B0-45FD-904C-B11760E11CD4", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "54937870-186F-4342-8658-6F3DA155A53D", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "9488E868-BFC2-4084-802C-874E41E0AE10", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "A15CBB13-9B93-4C87-A19E-56FFE900D257", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "63E587C8-E7D8-4FD8-A826-D7BFAE7F270D", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "0ED754F0-F2DB-445C-BE11-8525521C7B17", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "1B0FF72F-A313-4BF1-8E7A-BF7EAA2C5EEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "B219D98C-B08A-4BB6-8C5B-E8978823A4C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "18D98006-438D-4DF9-A40A-2B94CE8760EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "07FD8E16-22EC-43BF-8ED3-09236F1C3BB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "6F4D957E-7C2A-4062-A3DF-BD02E9CA5D43", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D02358E6-E408-4A1C-A391-9F870625C5C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "383AD5F9-7691-4DA8-9DD6-AAB110F54B51", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "51AF2340-3914-4411-BDC0-6B84548384B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "95688481-AC1B-4A58-90D3-E6E76D9E0011", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "E3FF4FDE-AF17-4BCE-AFEC-CDA138B76231", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "30C116EF-BD41-4820-8243-A680EEB70055", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "C55CF49F-7678-41A9-8A4B-012A5B9EC78D", "vulnerable": true}, {"criteria": "cpe:2.3:a:wesnoth:wesnoth:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "952B7487-A920-40B0-BE80-8FA710149E1B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via \"..\" sequences in unknown vectors."}, {"lang": "es", "value": "Una vulnerabilidad de salto de directorio en el preprocesador del motor WML para Wesnoth versiones 1.2.x anteriores a 1.2.8 y versiones 1.3.x anteriores a 1.3.12, permite a atacantes remotos leer archivos arbitrarios por medio de secuencias \"..\" en vectores desconocidos."}], "id": "CVE-2007-5742", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 8.5, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-12-01T06:46:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/41713"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/27786"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/27920"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/27943"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://sourceforge.net/project/shownotes.php?release_id=557098"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2007/dsa-1421"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26626"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/4026"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"}, {"source": "cve@mitre.org", "url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38752"}, {"source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00004.html"}, {"source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00006.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/41713"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27786"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27920"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27943"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://sourceforge.net/project/shownotes.php?release_id=557098"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2007/dsa-1421"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/26626"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/4026"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.wesnoth.org/forum/viewtopic.php?t=18844"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38752"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00004.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00006.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "wesnoth: multiple vulnerabilities", "id": "405661", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=405661"}, "csaw": false, "details": ["Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via \"..\" sequences in unknown vectors."], "name": "CVE-2007-5742", "public_date": "2007-11-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2007-5742\nhttps://nvd.nist.gov/vuln/detail/CVE-2007-5742"], "threat_severity": "Low"}