Unrated severityNVD Advisory· Published Dec 5, 2011· Updated Apr 29, 2026
CVE-2011-1932
CVE-2011-1932
Description
Directory traversal vulnerability in io/filesystem/filesystem.cc in Widelands before 15.1 might allow remote attackers to overwrite arbitrary files via . (dot) characters in a pathname that is used for a file transfer in an Internet game.
Affected products
20cpe:2.3:a:widelands:widelands:-:build1:*:*:*:*:*:*+ 19 more
- cpe:2.3:a:widelands:widelands:-:build1:*:*:*:*:*:*
- cpe:2.3:a:widelands:widelands:-:build10:*:*:*:*:*:*
- cpe:2.3:a:widelands:widelands:-:build10_release_candidate:*:*:*:*:*:*
- cpe:2.3:a:widelands:widelands:-:build11:*:*:*:*:*:*
- cpe:2.3:a:widelands:widelands:-:build11_release_candidate:*:*:*:*:*:*
- cpe:2.3:a:widelands:widelands:-:build12:*:*:*:*:*:*
- cpe:2.3:a:widelands:widelands:-:build12_release_candidate:*:*:*:*:*:*
- cpe:2.3:a:widelands:widelands:-:build13:*:*:*:*:*:*
- cpe:2.3:a:widelands:widelands:-:build13_release_candidate:*:*:*:*:*:*
- cpe:2.3:a:widelands:widelands:-:build13_release_candidate2:*:*:*:*:*:*
- cpe:2.3:a:widelands:widelands:-:build14:*:*:*:*:*:*
- cpe:2.3:a:widelands:widelands:-:build14_release_candidate:*:*:*:*:*:*
- cpe:2.3:a:widelands:widelands:-:build2:*:*:*:*:*:*
- cpe:2.3:a:widelands:widelands:-:build3:*:*:*:*:*:*
- cpe:2.3:a:widelands:widelands:-:build4:*:*:*:*:*:*
- cpe:2.3:a:widelands:widelands:-:build5:*:*:*:*:*:*
- cpe:2.3:a:widelands:widelands:-:build6:*:*:*:*:*:*
- cpe:2.3:a:widelands:widelands:-:build7:*:*:*:*:*:*
- cpe:2.3:a:widelands:widelands:-:build8:*:*:*:*:*:*
- cpe:2.3:a:widelands:widelands:-:build9:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- bazaar.launchpad.net/~widelands-dev/widelands/build-15/revision/5021nvdPatchRelease NotesThird Party Advisory
- bugs.debian.org/cgi-bin/bugreport.cginvdIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.