5 matches found
SUSE CVE-2013-7338
Python before 3.3.4 RC1 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a file size value larger than the size of the zip file to the 1 ZipExtFile.read, 2 ZipExtFile.readn, 3 ZipExtFile.readlines, 4 ZipFile.extract, or 5 ZipFile.extractall function...
Directory traversal
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as...
CVE-2014-4650
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as...
CVE-2013-7338
Python before 3.3.4 RC1 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a file size value larger than the size of the zip file to the 1 ZipExtFile.read, 2 ZipExtFile.readn, 3 ZipExtFile.readlines, 4 ZipFile.extract, or 5 ZipFile.extractall function...
CVE-2013-7338
Python before 3.3.4 RC1 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a file size value larger than the size of the zip file to the 1 ZipExtFile.read, 2 ZipExtFile.readn, 3 ZipExtFile.readlines, 4 ZipFile.extract, or 5 ZipFile.extractall function...