50 matches found
Python 1.5/1.6/2.0/2.1.x Pickle Class Constructor Arbitrary Code Execution
No description provided by source. source: http://www.securityfocus.com/bid/5257/info Python is an open source, object oriented programming language. The Python Pickle module is provided to convert object variables into a serialized form pickling, and later recover the data back into an object...
CVE-2013-5942
Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to 1 remotestorage.py, 2 storage.py, 3 render/datalib.py, and 4 whitelist/views.py, a different vulnerability than CVE-2013-5093...
CVE-2013-5093
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object...
CVE-2013-5093
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object...
Authentication flaw
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object...
Openstack-Swift: insecure use of python pickle()
OpenStack Object Storage swift before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object...
RHEL 6 : system-config-firewall (RHSA-2011:0953)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:0953 advisory. system-config-firewall is a graphical user interface for basic firewall setup. It was found that system-config-firewall used the Python pickle module...
Multiple bugs in Python
Input validation problems in pickle module...
Exploit for a security hole in the pickle module for Python versions <= 2.1.x
""" Exploit for a security hole in the pickle module for Python versions = 2.1.x Pickle is the name of a Python module for object persistence. It can convert arbitrary Python objects into byte streams and back. Though the documentation for Python 1.5.2 read The pickle module doesn't handle code...
Python 1.5.2 Pickle - Unsafe 'eval()' Code Execution
source: https://www.securityfocus.com/bid/5255/info Python is an open source, object oriented programming language. The Python Pickle module is provided to convert object variables into a serialized form "pickling", and later recover the data back into an object hierarchy "unpickling". A...