Directory traversal vulnerability in io/filesystem/filesystem.cc in Widelands before 15.1 might allow remote attackers to overwrite arbitrary files via . (dot) characters in a pathname that is used for a file transfer in an Internet game.
References
Link | Resource |
---|---|
http://bazaar.launchpad.net/~widelands-dev/widelands/build-15/revision/5021 | Patch Release Notes Third Party Advisory |
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=617960 | Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2011-12-05T11:00:00Z
Updated: 2011-12-05T11:00:00Z
Reserved: 2011-05-09T00:00:00Z
Link: CVE-2011-1932
JSON object: View
NVD Information
Status : Analyzed
Published: 2011-12-05T11:55:05.867
Modified: 2021-06-25T14:19:49.137
Link: CVE-2011-1932
JSON object: View
Redhat Information
No data.
CWE