CVE-2011-4357 in Clearsilverinformazioni

Riassunto

di MITRE

Format string vulnerability in the p_cgi_error function in python/neo_cgi.c in the Python CGI Kit (neo_cgi) module for Clearsilver 0.10.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are not properly handled when creating CGI error messages using the cgi_error API function.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

04/11/2011

Divulgazione

10/12/2011

Moderazione

accettato

Voce

VDB-59649

CPE

pronto

CWE

CWE-134 (confermato)

CVSS

7.5 (NVD)

EPSS

0.03056

KEV

Attività

molto basso

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-4357
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-4357
CVE Details	https://www.cvedetails.com/cve/CVE-2011-4357/

◂ Precedente Visione D'ensemble Il prossimo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!