CVE-2009-0367: CVE-2009-0367

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-0367

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Wesnoth Battle for Wesnoth PythonAI模块绕过安全限制漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Battle for Wesnoth(韦诺之战)是一款开源的战棋游戏。 Battle for Wesnoth的PythonAI中的某些白名单python模块错误的导入了本应受限制的python模块，如果用户受骗下载并使用了恶意的添加程序的话，就可能绕过沙盒限制执行任意Python代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2009-0367

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2009-0367

Please Login to view more intelligence information

http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelogx_refsource_CONFIRM
http://www.wesnoth.org/forum/viewtopic.php?t=24340x_refsource_CONFIRM
http://launchpad.net/bugs/336396x_refsource_CONFIRM
https://gna.org/bugs/index.php?13048x_refsource_CONFIRM
http://launchpad.net/bugs/335089x_refsource_CONFIRM
http://www.wesnoth.org/forum/viewtopic.php?t=24247x_refsource_CONFIRM
http://secunia.com/advisories/34236third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/34058third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2009/dsa-1737vendor-advisoryx_refsource_DEBIAN
http://www.vupen.com/english/advisories/2009/0595vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/49058vdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2009-0367

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2009-0367

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2009-0367

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2009-0367

III. Intelligence Information for CVE-2009-0367

IV. Related Vulnerabilities

V. Comments for CVE-2009-0367

Leave a comment