what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2008-5985

Status Candidate

Overview

Untrusted search path vulnerability in the Python interface in Epiphany 2.22.3, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).

Related Files

Gentoo Linux Security Advisory 200903-16
Posted Mar 9, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200903-16 - An untrusted search path vulnerability in Epiphany might result in the execution of arbitrary code. James Vega reported an untrusted search path vulnerability in the Python interface. Versions less than 2.22.3-r2 are affected.

tags | advisory, arbitrary, python
systems | linux, gentoo
advisories | CVE-2008-5985
SHA-256 | f8e7162ba670b96296d096765bbcc2aef7e695b25dda8955f0b94fb293566640
Mandriva Linux Security Advisory 2009-048
Posted Feb 26, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-048-2 - Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Epiphany working directory. This update provides fix for that vulnerability. The previous update package was not built against the correct (latest) libxulrunner-1.9.0.6 library (fixes #48163)

tags | advisory, arbitrary, local, python
systems | linux, mandriva
advisories | CVE-2008-5985
SHA-256 | b032696b04660af22c37e518a131132cba8eb6c58825fe4808fe2fa0e0faa622
Mandriva Linux Security Advisory 2009-048
Posted Feb 25, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-048-1 - Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Epiphany working directory. This update provides fix for that vulnerability. The previous update package was not built against the correct (latest) libxulrunner-1.9.0.6 library (fixes #48163)

tags | advisory, arbitrary, local, python
systems | linux, mandriva
advisories | CVE-2008-5985
SHA-256 | 8f10e474b35d037306a6f4098b2632f5760950215e3ed5ab286da21879ce1b2d
Mandriva Linux Security Advisory 2009-048
Posted Feb 21, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-048 - Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Epiphany working directory. This update provides fix for that vulnerability.

tags | advisory, arbitrary, local, python
systems | linux, mandriva
advisories | CVE-2008-5985
SHA-256 | 7883f5f009d8458c54ce4ec7f8395c1a8adb8400a8af7050d52c046bfe3e2530
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close