exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2008-5985

Status Candidate

Overview

Untrusted search path vulnerability in the Python interface in Epiphany 2.22.3, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).

Related Files

Gentoo Linux Security Advisory 200903-16
Posted Mar 9, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200903-16 - An untrusted search path vulnerability in Epiphany might result in the execution of arbitrary code. James Vega reported an untrusted search path vulnerability in the Python interface. Versions less than 2.22.3-r2 are affected.

tags | advisory, arbitrary, python
systems | linux, gentoo
advisories | CVE-2008-5985
SHA-256 | f8e7162ba670b96296d096765bbcc2aef7e695b25dda8955f0b94fb293566640
Mandriva Linux Security Advisory 2009-048
Posted Feb 26, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-048-2 - Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Epiphany working directory. This update provides fix for that vulnerability. The previous update package was not built against the correct (latest) libxulrunner-1.9.0.6 library (fixes #48163)

tags | advisory, arbitrary, local, python
systems | linux, mandriva
advisories | CVE-2008-5985
SHA-256 | b032696b04660af22c37e518a131132cba8eb6c58825fe4808fe2fa0e0faa622
Mandriva Linux Security Advisory 2009-048
Posted Feb 25, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-048-1 - Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Epiphany working directory. This update provides fix for that vulnerability. The previous update package was not built against the correct (latest) libxulrunner-1.9.0.6 library (fixes #48163)

tags | advisory, arbitrary, local, python
systems | linux, mandriva
advisories | CVE-2008-5985
SHA-256 | 8f10e474b35d037306a6f4098b2632f5760950215e3ed5ab286da21879ce1b2d
Mandriva Linux Security Advisory 2009-048
Posted Feb 21, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-048 - Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Epiphany working directory. This update provides fix for that vulnerability.

tags | advisory, arbitrary, local, python
systems | linux, mandriva
advisories | CVE-2008-5985
SHA-256 | 7883f5f009d8458c54ce4ec7f8395c1a8adb8400a8af7050d52c046bfe3e2530
Page 1 of 1
Back1Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    35 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close