VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
CVE-2010-2445
freeciv: freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allow...
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2445

Original

freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8) require modules or functions.

Translation   (Show)





About This Analysis Information
Analysis Information Provider:
NIST NVD
First Published:
2010-07-08
Source Information Category:
Advisory, Alert
Last Updated:
2010-07-08




Affected Product Tags
cpe:/a:freeciv:freeciv:2.2.0
cpe:/a:freeciv:freeciv:2.2.0:beta1
cpe:/a:freeciv:freeciv:2.2.0:beta2
cpe:/a:freeciv:freeciv:2.2.0:beta3
cpe:/a:freeciv:freeciv:2.2.0:rc1
cpe:/a:freeciv:freeciv:2.3.0:dev
 


Vulnerability Analysis Results
[Access Vector]  [?]
Undefined [?]

Local [?]
Adjacent Network [?]
X Network [?]
[Access Complexit]  [?]
Undefined [?]

High [?]
Medium [?]
X Low [?]
[Authentication]  [?]
Undefined [?]

Multiple [?]
Single [?]
X None [?]
[Confidentiality Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
[Integrity Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
[Availability Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
Alternatives




References
CONFIRM http://gna.org/bugs/?15624




MLIST [oss-security] 20100624 Re: CVE requests: maradns, freeciv, rbot, gitolite, gource, shib, kvirc




MLIST [oss-security] 20100610 CVE requests: maradns, freeciv, rbot, gitolite, gource, shib, kvirc




OSVDB 65192




Vulnerability Type OS Command Injections (CWE-78)




Copyright © 2010 JPCERT/CC All Rights Reserved.