Lucene search

K

MitreCVELIST:CVE-2009-0367

HistoryMar 05, 2009 - 2:00 a.m.

CVE-2009-0367

2009-03-0502:00:00

mitre

www.cve.org

1

AI Score

7.3

Confidence

Low

EPSS

0.415

Percentile

97.3%

The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module.

References

launchpad.net/bugs/335089

launchpad.net/bugs/336396

launchpad.net/bugs/cve/2009-0367

packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog

packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog

secunia.com/advisories/34058

secunia.com/advisories/34236

www.debian.org/security/2009/dsa-1737

www.vupen.com/english/advisories/2009/0595

www.wesnoth.org/forum/viewtopic.php?t=24247

www.wesnoth.org/forum/viewtopic.php?t=24340

exchange.xforce.ibmcloud.com/vulnerabilities/49058

gna.org/bugs/index.php?13048

AI Score

7.3

Confidence

Low

EPSS

0.415

Percentile

97.3%

Related for CVELIST:CVE-2009-0367

prion1 nvd1 cve1 seebug1 redhatcve1 ubuntucve1 exploitdb1 debian3 securityvulns2 osv1 nessus1 openvas2