CVE-2009-0366
- EPSS 1.96%
- Veröffentlicht 12.03.2009 15:20:49
- Zuletzt bearbeitet 16.06.2026 23:04:52
The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth before r33069 allows remote attackers to cause a denial of service via a large compressed WML document.
- EPSS 1.78%
- Veröffentlicht 12.03.2009 15:20:49
- Zuletzt bearbeitet 16.06.2026 23:06:01
The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a map with a large (1) width or (2) height.
CVE-2009-0367
- EPSS 10.94%
- Veröffentlicht 05.03.2009 02:30:00
- Zuletzt bearbeitet 16.06.2026 23:04:52
The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsa...
- EPSS 2.84%
- Veröffentlicht 01.12.2007 06:46:00
- Zuletzt bearbeitet 16.06.2026 22:46:44
Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via ".." sequences in unknown vectors.
CVE-2007-6201
- EPSS 1.45%
- Veröffentlicht 01.12.2007 06:46:00
- Zuletzt bearbeitet 16.06.2026 22:47:35
Unspecified vulnerability in Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows attackers to cause a denial of service (hang) via a "faulty add-on" and possibly execute other commands via unknown vectors related to the turn_cmd option.
CVE-2007-3917
- EPSS 2.11%
- Veröffentlicht 11.10.2007 10:17:00
- Zuletzt bearbeitet 16.06.2026 22:43:03
The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service (crash) via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which ...