Ubuntu Security Notice 1616-1 - It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. This issue only affected Ubuntu 10.04 LTS. It was discovered that the audioop module did not correctly perform input validation. If a user or automated system were tricked into opening a crafted audio file, an attacker could cause a denial of service via application crash. These issues only affected Ubuntu 10.04 LTS. Various other issues were also addressed.
c6c44f5816b7c0bbd6afdb374ec8925bUbuntu Security Notice 1613-2 - USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the corresponding updates for Python 2.4. It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. Various other issues were also addressed.
3ddeab56299a8cc01537f7b23b77d009Ubuntu Security Notice 1613-1 - It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. It was discovered that the audioop module did not correctly perform input validation. If a user or automated system were tricked into opening a crafted audio file, an attacker could cause a denial of service via application crash. Various other issues were also addressed.
ba65090626e4879ab3333610086858c6Ubuntu Security Notice 1596-1 - It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. It was discovered that the audioop module did not correctly perform input validation. If a user or automated system were tricked into opening a crafted audio file, an attacker could cause a denial of service via application crash. Various other issues were also addressed.
077d2cf947d04a01882d946bad5a363bGentoo Linux Security Advisory GLSA 200904-06 - An untrusted search path vulnerability in the Eye of GNOME might result in the execution of arbitrary code. James Vega reported an untrusted search path vulnerability in the GObject Python interpreter wrapper in the Eye of GNOME, a vulnerability related to CVE-2008-5983. Versions less than 2.22.3-r3 are affected.
cf4c5e2c3a7f4c9fbfcfb786fa4ed0e9Gentoo Linux Security Advisory GLSA 200903-41 - A vulnerability in gedit might allow local attackers to execute arbitrary code. James Vega reported that gedit uses the current working directory when searching for python modules, a vulnerability related to CVE-2008-5983. Versions less than 2.24.3 are affected.
10f6bfbe86d4f60074e5138edac00bc6
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed