CVE-2011-1932
Severity CVSS v4.0:
Pending analysis
Type:
CWE-22
Path Traversal
Publication date:
05/12/2011
Last modified:
11/04/2025
Description
Directory traversal vulnerability in io/filesystem/filesystem.cc in Widelands before 15.1 might allow remote attackers to overwrite arbitrary files via . (dot) characters in a pathname that is used for a file transfer in an Internet game.
Impact
Base Score 2.0
6.40
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:widelands:widelands:-:build1:*:*:*:*:*:* | ||
| cpe:2.3:a:widelands:widelands:-:build10:*:*:*:*:*:* | ||
| cpe:2.3:a:widelands:widelands:-:build10_release_candidate:*:*:*:*:*:* | ||
| cpe:2.3:a:widelands:widelands:-:build11:*:*:*:*:*:* | ||
| cpe:2.3:a:widelands:widelands:-:build11_release_candidate:*:*:*:*:*:* | ||
| cpe:2.3:a:widelands:widelands:-:build12:*:*:*:*:*:* | ||
| cpe:2.3:a:widelands:widelands:-:build12_release_candidate:*:*:*:*:*:* | ||
| cpe:2.3:a:widelands:widelands:-:build13:*:*:*:*:*:* | ||
| cpe:2.3:a:widelands:widelands:-:build13_release_candidate:*:*:*:*:*:* | ||
| cpe:2.3:a:widelands:widelands:-:build13_release_candidate2:*:*:*:*:*:* | ||
| cpe:2.3:a:widelands:widelands:-:build14:*:*:*:*:*:* | ||
| cpe:2.3:a:widelands:widelands:-:build14_release_candidate:*:*:*:*:*:* | ||
| cpe:2.3:a:widelands:widelands:-:build2:*:*:*:*:*:* | ||
| cpe:2.3:a:widelands:widelands:-:build3:*:*:*:*:*:* | ||
| cpe:2.3:a:widelands:widelands:-:build4:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page