Wesnoth · Battle For Wesnoth · CVE-2015-0844
**Name of the Vulnerable Software and Affected Versions**
Battle for Wesnoth versions 1.7.x through 1.11.x
Battle for Wesnoth versions 1.12.x prior to 1.12.2
**Description**
The issue allows remote attackers to read arbitrary files through a crafted campaign or map file. This is made possible by the WML/Lua API in the affected software.
**Recommendations**
For versions 1.7.x through 1.11.x, update to a version outside of this range to mitigate the risk.
For versions 1.12.x prior to 1.12.2, update to version 1.12.2 or later to resolve the issue.