Описание
The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module.
The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-0367
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49058
- https://gna.org/bugs/index.php?13048
- http://launchpad.net/bugs/335089
- http://launchpad.net/bugs/336396
- http://launchpad.net/bugs/cve/2009-0367
- http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog
- http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog
- http://secunia.com/advisories/34058
- http://secunia.com/advisories/34236
- http://www.debian.org/security/2009/dsa-1737
- http://www.vupen.com/english/advisories/2009/0595
- http://www.wesnoth.org/forum/viewtopic.php?t=24247
- http://www.wesnoth.org/forum/viewtopic.php?t=24340
EPSS
CVE ID
Связанные уязвимости
The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module.
The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module.
The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows rem ...
EPSS