8.8 High
AI Score
Confidence
High
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.16 Low
EPSS
Percentile
95.9%
Niels Heinen discovered that the urllib and urllib2 modules would process
Location headers that specify a redirection to file: URLs. A remote
attacker could exploit this to obtain sensitive information or cause a
denial of service. This issue only affected Ubuntu 11.04. (CVE-2011-1521)
It was discovered that SimpleHTTPServer did not use a charset parameter in
the Content-Type HTTP header. An attacker could potentially exploit this
to conduct cross-site scripting (XSS) attacks against Internet Explorer 7
users. This issue only affected Ubuntu 11.04. (CVE-2011-4940)
It was discovered that Python distutils contained a race condition when
creating the ~/.pypirc file. A local attacker could exploit this to obtain
sensitive information. (CVE-2011-4944)
It was discovered that SimpleXMLRPCServer did not properly validate its
input when handling HTTP POST requests. A remote attacker could exploit
this to cause a denial of service via excessive CPU utilization.
(CVE-2012-0845)
It was discovered that Python was susceptible to hash algorithm attacks.
An attacker could cause a denial of service under certian circumstances.
This update adds the ‘-R’ command line option and honors setting the
PYTHONHASHSEED environment variable to ‘random’ to salt str and datetime
objects with an unpredictable value. (CVE-2012-1150)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 11.10 | noarch | python2.7-minimal | < 2.7.2-5ubuntu1.1 | UNKNOWN |
Ubuntu | 11.10 | noarch | libpython2.7 | < 2.7.2-5ubuntu1.1 | UNKNOWN |
Ubuntu | 11.10 | noarch | python2.7 | < 2.7.2-5ubuntu1.1 | UNKNOWN |
Ubuntu | 11.10 | noarch | python2.7-dbg | < 2.7.2-5ubuntu1.1 | UNKNOWN |
Ubuntu | 11.10 | noarch | python2.7-dev | < 2.7.2-5ubuntu1.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | python2.7-minimal | < 2.7.1-5ubuntu2.2 | UNKNOWN |
Ubuntu | 11.04 | noarch | libpython2.7 | < 2.7.1-5ubuntu2.2 | UNKNOWN |
Ubuntu | 11.04 | noarch | python2.7 | < 2.7.1-5ubuntu2.2 | UNKNOWN |
Ubuntu | 11.04 | noarch | python2.7-dbg | < 2.7.1-5ubuntu2.2 | UNKNOWN |
Ubuntu | 11.04 | noarch | python2.7-dev | < 2.7.1-5ubuntu2.2 | UNKNOWN |