exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2008-5985

Status Candidate

Overview

Untrusted search path vulnerability in the Python interface in Epiphany 2.22.3, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).

Related Files

Gentoo Linux Security Advisory 200903-16
Posted Mar 9, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200903-16 - An untrusted search path vulnerability in Epiphany might result in the execution of arbitrary code. James Vega reported an untrusted search path vulnerability in the Python interface. Versions less than 2.22.3-r2 are affected.

tags | advisory, arbitrary, python
systems | linux, gentoo
advisories | CVE-2008-5985
SHA-256 | f8e7162ba670b96296d096765bbcc2aef7e695b25dda8955f0b94fb293566640
Mandriva Linux Security Advisory 2009-048
Posted Feb 26, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-048-2 - Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Epiphany working directory. This update provides fix for that vulnerability. The previous update package was not built against the correct (latest) libxulrunner-1.9.0.6 library (fixes #48163)

tags | advisory, arbitrary, local, python
systems | linux, mandriva
advisories | CVE-2008-5985
SHA-256 | b032696b04660af22c37e518a131132cba8eb6c58825fe4808fe2fa0e0faa622
Mandriva Linux Security Advisory 2009-048
Posted Feb 25, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-048-1 - Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Epiphany working directory. This update provides fix for that vulnerability. The previous update package was not built against the correct (latest) libxulrunner-1.9.0.6 library (fixes #48163)

tags | advisory, arbitrary, local, python
systems | linux, mandriva
advisories | CVE-2008-5985
SHA-256 | 8f10e474b35d037306a6f4098b2632f5760950215e3ed5ab286da21879ce1b2d
Mandriva Linux Security Advisory 2009-048
Posted Feb 21, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-048 - Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Epiphany working directory. This update provides fix for that vulnerability.

tags | advisory, arbitrary, local, python
systems | linux, mandriva
advisories | CVE-2008-5985
SHA-256 | 7883f5f009d8458c54ce4ec7f8395c1a8adb8400a8af7050d52c046bfe3e2530
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close