Описание
Format string vulnerability in the p_cgi_error function in python/neo_cgi.c in the Python CGI Kit (neo_cgi) module for Clearsilver 0.10.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are not properly handled when creating CGI error messages using the cgi_error API function.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 0.10.5-1.2ubuntu1 |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| maverick | released | 0.10.5-1+squeeze1build0.10.10.1 |
| natty | released | 0.10.5-1+squeeze1build0.11.04.1 |
| oneiric | released | 0.10.5-1.1ubuntu0.1 |
| precise | released | 0.10.5-1.2ubuntu1 |
| quantal | released | 0.10.5-1.2ubuntu1 |
| raring | released | 0.10.5-1.2ubuntu1 |
| saucy | released | 0.10.5-1.2ubuntu1 |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS2
Связанные уязвимости
Format string vulnerability in the p_cgi_error function in python/neo_cgi.c in the Python CGI Kit (neo_cgi) module for Clearsilver 0.10.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are not properly handled when creating CGI error messages using the cgi_error API function.
Format string vulnerability in the p_cgi_error function in python/neo_ ...
Format string vulnerability in the p_cgi_error function in python/neo_cgi.c in the Python CGI Kit (neo_cgi) module for Clearsilver 0.10.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are not properly handled when creating CGI error messages using the cgi_error API function.
EPSS
7.5 High
CVSS2