Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1932

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2011-1932
Last Modified 08 Dec 2011 08:37:42
Published 05 Dec 2011 06:55:05
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-1932

Summary

Directory traversal vulnerability in io/filesystem/filesystem.cc in Widelands before 15.1 might allow remote attackers to overwrite arbitrary files via . (dot) characters in a pathname that is used for a file transfer in an Internet game.

Vulnerable Systems

Application

  • Widelands 1

  • Widelands 10

  • Widelands 11

  • Widelands 12

  • Widelands 13

  • Widelands 14

  • Widelands 15

  • Widelands 2

  • Widelands 3

  • Widelands 4

  • Widelands 5

  • Widelands 6

  • Widelands 7

  • Widelands 8

  • Widelands 9

  • Widelands 9.5


References

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=617960

CONFIRM - http://bazaar.launchpad.net/~widelands-dev/widelands/build-15/revision/5021


Last Updated: 27 May 2016 10:56:52