View at Official ubuntu advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2015-0844 medium priority: Ubuntu including 2 source packages (wesnoth-1.10, wesnoth-1.12), 10 status rows across 5 suites (lucid, precise, trusty, upstream, utopic): DNE 5, released 5.
The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted (1) campaign or (2) map file.