CVE-2009-0367
05.03.2009, 02:30
The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module.Enginsight
Vendor | Product | Version |
---|---|---|
wesnoth | wesnoth | 1.4 |
wesnoth | wesnoth | 1.4.1 |
wesnoth | wesnoth | 1.4.2 |
wesnoth | wesnoth | 1.4.3 |
wesnoth | wesnoth | 1.4.4 |
wesnoth | wesnoth | 1.4.5 |
wesnoth | wesnoth | 1.4.6 |
wesnoth | wesnoth | 1.4.7 |
wesnoth | wesnoth | 1.5.0 |
wesnoth | wesnoth | 1.5.1 |
wesnoth | wesnoth | 1.5.2 |
wesnoth | wesnoth | 1.5.3 |
wesnoth | wesnoth | 1.5.4 |
wesnoth | wesnoth | 1.5.5 |
wesnoth | wesnoth | 1.5.6 |
wesnoth | wesnoth | 1.5.7 |
wesnoth | wesnoth | 1.5.8 |
wesnoth | wesnoth | 1.5.9 |
wesnoth | wesnoth | 1.5.10 |
𝑥
= Vulnerable software versions

Ubuntu Releases
Common Weakness Enumeration
References