CVE-2015-5070

Name of the Vulnerable Software and Affected Versions Battle for Wesnoth versions prior to 1.12.4 Battle for Wesnoth versions 1.13.x prior to 1.13.1

Description The issue allows remote attackers to obtain sensitive information via vectors related to inclusion of .pbl files from WML, specifically when a case-insensitive filesystem is used. This is due to incomplete fixes in the filesystem::get wml location function and the is legal file function.

Recommendations For versions prior to 1.12.4, update to version 1.12.4 or later. For versions 1.13.x prior to 1.13.1, update to version 1.13.1 or later.