Summary
The remote host is missing an update to wesnoth
announced via advisory DSA 1421-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201421-1
Insight
A vulnerability has been discovered in Battle for Wesnoth that allows remote attackers to read arbitrary files the user running the client has access to on the machine running the game client.
For the old stable distribution (sarge) this problem has been fixed in version 0.9.0-7.
For the stable distribution (etch) this problem has been fixed in version 1.2-3.
For the stable backports distribution (etch-backports) this problem has been fixed in version 1.2.8-1~bpo40+1.
For the unstable distribution (sid) this problem has been fixed in version 1.2.8-1.
For the experimental distribution this problem has been fixed in version 1.3.12-1.
We recommend that you upgrade your wesnoth package.
Severity
Classification
-
CVE CVE-2007-5742 -
CVSS Base Score: 9.0
AV:N/AC:L/Au:N/C:P/I:P/A:C
Related Vulnerabilities