6 matches found
Cobbler is vulnerable to code injection
templateapi.py in Cobbler before 2.0.7, as used in Red Hat Network Satellite Server and other products, does not disable the ability of the Cheetah template engine to execute Python statements contained in templates, which allows remote authenticated administrators to execute arbitrary code via a...
PT-2010-3833 · Cobbler · Cobbler
Name of the Vulnerable Software and Affected Versions: Cobbler versions prior to 2.0.7 Description: The issue allows remote authenticated administrators to execute arbitrary code via a crafted kickstart template file. This is due to the template api.py file not disabling the ability of the Cheeta...
CVE-2009-3850
Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execute arbitrary code via a .blend file that contains Python statements in the onLoad action of a ScriptLink SDNA...
Code injection
Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execute arbitrary code via a .blend file that contains Python statements in the onLoad action of a ScriptLink SDNA...
DEBIAN-CVE-2009-3850
Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execute arbitrary code via a .blend file that contains Python statements in the onLoad action of a ScriptLink SDNA...
CVE-2009-3850
Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execute arbitrary code via a .blend file that contains Python statements in the onLoad action of a ScriptLink SDNA...