Lucene search
RedhatCVELIST:CVE-2011-4940HistoryJun 27, 2012 - 10:00 a.m.
CVE-2011-4940
2012-06-2710:00:00
redhat
www.cve.org
2
The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer 7 via UTF-7 encoding.
References
bugs.python.org/issue11442
jvn.jp/en/jp/JVN51176027/index.html
jvndb.jvn.jp/jvndb/JVNDB-2012-000063
secunia.com/advisories/50858
secunia.com/advisories/51024
secunia.com/advisories/51040
www.securityfocus.com/bid/54083
www.ubuntu.com/usn/USN-1592-1
www.ubuntu.com/usn/USN-1596-1
www.ubuntu.com/usn/USN-1613-1
www.ubuntu.com/usn/USN-1613-2
bugzilla.redhat.com/show_bug.cgi?id=803500
Related
prion
prion
Cross site scripting
2012-06-27 10:18:00
debiancve
debiancve
CVE-2011-4940
2012-06-27 10:18:36
veracode
veracode
Cross-site Scripting (XSS)
2019-01-15 08:52:09
Information Disclosure
2019-05-02 04:41:53
Denial Of Service (DoS)
2019-05-02 04:41:53
seebug
seebug
Python SimpleHTTPServer 'list_directory()'函数跨站脚本漏洞
2012-06-23 00:00:00
jvn
jvn
JVN#51176027: Python SimpleHTTPServer vulnerable to cross-site scripting
2012-06-19 00:00:00
nvd
nvd
CVE-2011-4940
2012-06-27 10:18:36
CVE-2012-2639
2012-06-26 10:23:42
openvas
openvas
Python < 2.5.6, 2.6.x < 2.6.7, 2.7.x < 2.7.2, 3.2.x < 3.2.4, 3.3.x < 3.3.1 SimpleHTTPServer UTF-7 (bpo-11442) - Linux
2021-11-01 00:00:00
CentOS Update for python CESA-2012:0745 centos5
2012-07-30 00:00:00
RedHat Update for python RHSA-2012:0745-01
2012-06-19 00:00:00
cve
cve
CVE-2011-4940
2012-06-27 10:18:36
CVE-2012-2639
2012-06-26 10:23:42
ubuntucve
ubuntucve
CVE-2011-4940
2012-06-27 00:00:00
centos
centos
python, tkinter security update
2012-06-18 13:11:45
python, tkinter security update
2012-06-18 16:35:36
nessus
nessus
Oracle Linux 5 : python (ELSA-2012-0745)
2013-07-12 00:00:00
CentOS 5 : python (CESA-2012:0745)
2012-06-19 00:00:00
RHEL 5 : python (RHSA-2012:0745)
2012-06-19 00:00:00
redhat
redhat
(RHSA-2012:0745) Moderate: python security update
2012-06-18 00:00:00
(RHSA-2012:0744) Moderate: python security update
2012-06-18 00:00:00
oraclelinux
oraclelinux
python security update
2012-06-18 00:00:00
python security update
2012-06-18 00:00:00
amazon
amazon
Low: python26
2012-07-05 16:16:00
ubuntu
ubuntu
Python 2.7 vulnerabilities
2012-10-02 00:00:00
Python 2.6 vulnerabilities
2012-10-04 00:00:00
Python 2.4 vulnerabilities
2012-10-17 00:00:00
securityvulns
securityvulns
python multiple security vulnerabilities
2012-07-29 00:00:00
[ MDVSA-2012:096-1 ] python
2012-07-09 00:00:00
f5
f5
debian
debian
[DLA 25-1] python2.6 security update
2014-07-31 21:07:32
osv
osv
python2.6 - security update
2014-07-31 00:00:00
vmware
vmware
VMware security updates for vSphere API and ESX Service Console
2012-11-15 00:00:00
