Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2011-4357

Опубликовано: 10 дек. 2011
Источник: nvd
CVSS2: 7.5
EPSS Низкий

Описание

Format string vulnerability in the p_cgi_error function in python/neo_cgi.c in the Python CGI Kit (neo_cgi) module for Clearsilver 0.10.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are not properly handled when creating CGI error messages using the cgi_error API function.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:brandon_long:clearsilver:*:*:*:*:*:*:*:*
Версия до 0.10.5 (включая)
cpe:2.3:a:brandon_long:clearsilver:0.1:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.2:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.2.1:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.3:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.4:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.5:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.6:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.7:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.8.0:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.8.1:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.9.7:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.9.14:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.10.1:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.10.2:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.10.3:*:*:*:*:*:*:*
cpe:2.3:a:brandon_long:clearsilver:0.10.4:*:*:*:*:*:*:*

EPSS

Процентиль: 84%
0.02176
Низкий

7.5 High

CVSS2

Дефекты

CWE-134

Связанные уязвимости

ubuntu логотип

CVE-2011-4357

ubuntu
около 14 лет назад

Format string vulnerability in the p_cgi_error function in python/neo_cgi.c in the Python CGI Kit (neo_cgi) module for Clearsilver 0.10.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are not properly handled when creating CGI error messages using the cgi_error API function.

debian логотип

CVE-2011-4357

debian
около 14 лет назад

Format string vulnerability in the p_cgi_error function in python/neo_ ...

github логотип

GHSA-hr7h-rppp-w8x4

github
больше 3 лет назад

Format string vulnerability in the p_cgi_error function in python/neo_cgi.c in the Python CGI Kit (neo_cgi) module for Clearsilver 0.10.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are not properly handled when creating CGI error messages using the cgi_error API function.

EPSS

Процентиль: 84%
0.02176
Низкий

7.5 High

CVSS2

Дефекты

CWE-134