Lucene search
K

13 matches found

OpenVAS
OpenVAS
added 2009/12/14 12:0 a.m.23 views

Mandriva Security Advisory MDVSA-2009:046-1 (dia)

The remote host is missing an update to dia announced via advisory MDVSA-2009:046-1. OpenVAS Vulnerability Test $Id: mdksa20090461.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:046-1 dia Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

6.9CVSS0.7AI score0.00399EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2009/12/09 12:0 a.m.25 views

Mandriva Linux Security Advisory : dia (MDVSA-2009:046-1)

Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current dia working directory CVE-2008-5984. This update...

6.9CVSS5.4AI score0.00399EPSS
Exploits2References1
seebug.org
seebug.org
added 2009/02/19 12:0 a.m.32 views

Dia Python插件使用不安全搜索路径漏洞

BUGTRAQ ID: 33448 CVECAN ID: CVE-2008-5984 Dia是开放源码的流程图软件。 Dia的Python插件使用了不可信任的搜索路径,在调用PySysSetArgv时Python向sys.path附加了空字符串。如果dia工作目录中的python文件名称与python脚本试图导入的文件名相同的话,就会导致在用户系统中执行任意代码。 GNOME Dia 0.96.1 厂商补丁: GNOME ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.mandriva.com/en/download/...

6.9CVSS6.4AI score0.00399EPSS
Exploits2
OpenVAS
OpenVAS
added 2009/02/18 12:0 a.m.35 views

FreeBSD Ports: dia

The remote host is missing an update to the system as announced in the referenced advisory. VID 25eb365c-fd11-11dd-8424-c213de35965d OpenVAS Vulnerability Test $ Description: Auto generated from VID 25eb365c-fd11-11dd-8424-c213de35965d Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

6.9CVSS0.4AI score0.0051EPSS
Exploits2
OpenVAS
OpenVAS
added 2009/02/18 12:0 a.m.28 views

Mandrake Security Advisory MDVSA-2009:040 (dia)

The remote host is missing an update to dia announced via advisory MDVSA-2009:040. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...

6.9CVSS6.4AI score0.00399EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2009/02/18 12:0 a.m.25 views

Mandrake Security Advisory MDVSA-2009:040 (dia)

The remote host is missing an update to dia announced via advisory MDVSA-2009:040. OpenVAS Vulnerability Test $Id: mdksa2009040.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:040 dia Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

6.9CVSS0.7AI score0.00399EPSS
Exploits2
OpenVAS
OpenVAS
added 2009/02/18 12:0 a.m.39 views

FreeBSD Ports: dia

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

6.9CVSS6.5AI score0.00399EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2009/02/02 12:0 a.m.24 views

Fedora Core 9 FEDORA-2009-1057 (dia)

The remote host is missing an update to dia announced via advisory FEDORA-2009-1057. OpenVAS Vulnerability Test $Id: fcore20091057.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-1057 dia Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

6.9CVSS6.4AI score0.00399EPSS
Exploits2References1
UbuntuCve
UbuntuCve
added 2009/01/28 11:30 a.m.32 views

CVE-2008-5984

Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySysSetArgv function CVE-2008-5983...

6.9CVSS6.2AI score0.00399EPSS
Exploits2References1
OSV
OSV
added 2009/01/28 11:30 a.m.12 views

CVE-2008-5984

Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySysSetArgv function CVE-2008-5983...

7AI score
Exploits0References10
Debian CVE
Debian CVE
added 2009/01/28 11:0 a.m.37 views

CVE-2008-5984

Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySysSetArgv function CVE-2008-5983...

6.9CVSS9.2AI score0.00399EPSS
Exploits2
CVE
CVE
added 2009/01/28 11:0 a.m.67 views

CVE-2008-5984

CVE-2008-5984 describes an untrusted search path vulnerability in the Python plugin used by Dia 0.96.1, enabling local users to run arbitrary code via a Trojan Python file in the current working directory. The underlying root cause is tied to PySys_SetArgv (CVE-2008-5983), which can prepend an em...

6.9CVSS6.2AI score0.0051EPSS
Exploits2References10Affected Software1
Tenable Nessus
Tenable Nessus
added 2009/01/27 12:0 a.m.26 views

Fedora 9 : dia-0.96.1-7.fc9 (2009-1057)

Filter out untrusted python modules search path to remove the possibility to run arbitrary code on the user's system if there is a python file in dia's working directory named the same as one that dia's python scripts try to import. Note that Tenable Network Security has extracted the preceding...

6.9CVSS5.9AI score0.00399EPSS
Exploits2References3
Rows per page
Query Builder