paul Posted October 15, 2010 Report Share Posted October 15, 2010 A vulnerability was discovered and corrected in freeciv: freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8) require modules or functions (CVE-2010-2445). The updated packages have been upgraded to v2.2.1 which is not vulnerable to this issue. Link to comment Share on other sites More sharing options...
Recommended Posts