Vulnerability Description
The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a map with a large (1) width or (2) height.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wesnoth | Wesnoth | <= 1.4.7 |
Related Weaknesses (CWE)
References
- http://launchpad.net/bugs/335089
- http://launchpad.net/bugs/336396
- http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/change
- http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/chang
- http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?r2=32987&re
- http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?rev=33078&d
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49294
- https://gna.org/bugs/index.php?13031
- http://launchpad.net/bugs/335089
- http://launchpad.net/bugs/336396
- http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/change
- http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/chang
- http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?r2=32987&re
- http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?rev=33078&d
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49294
FAQ
What is CVE-2009-0878?
CVE-2009-0878 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a map with a large (1) ...
How severe is CVE-2009-0878?
CVE-2009-0878 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0878?
Check the references section above for vendor advisories and patch information. Affected products include: Wesnoth Wesnoth.