Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python 2.5.2 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2015-5082
Endian Firewall prior to 3.0 allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi.
Endian Firewall Endian Firewall
3 EDB exploits
9.3
CVSSv2
CVE-2008-1887
Python 2.5.2 and previous versions allows context-dependent malicious users to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabl...
Python Python
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
8.5
CVSSv2
CVE-2012-5487
The sandbox whitelisting function (allowmodule.py) in Plone prior to 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain privileges to bypass the Python sandbox restriction and execute arbitrary Python code via vectors related to importing.
Plone Plone 1.0
Plone Plone 1.0.1
Plone Plone 1.0.2
Plone Plone 2.1.2
Plone Plone 2.1.3
Plone Plone 2.1.4
Plone Plone 2.5
Plone Plone 3.1.1
Plone Plone 3.1.2
Plone Plone 3.1.3
Plone Plone 3.1.4
Plone Plone 4.0
Plone Plone 4.0.1
Plone Plone 4.0.2
Plone Plone 4.0.3
Plone Plone 4.2
Plone Plone 4.2.0.1
Plone Plone 4.2.1.1
Plone Plone 4.2.1
Plone Plone 2.0
Plone Plone 2.0.1
Plone Plone 2.0.2
8.5
CVSSv2
CVE-2012-5493
gtbn.py in Plone prior to 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain permissions to bypass the Python sandbox and execute arbitrary Python code via unspecified vectors.
Plone Plone 4.3
Plone Plone
Plone Plone 4.2.1
Plone Plone 4.2.1.1
Plone Plone 4.0.6.1
Plone Plone 4.0.5
Plone Plone 4.0.4
Plone Plone 4.0.3
Plone Plone 3.1.7
Plone Plone 3.1.6
Plone Plone 3.1.5.1
Plone Plone 3.1.4
Plone Plone 2.5.3
Plone Plone 4.2
Plone Plone 3.3.4
Plone Plone 3.3.3
Plone Plone 3.3.2
Plone Plone 3.3.1
Plone Plone 3.3
Plone Plone 3.0.6
Plone Plone 3.0.5
Plone Plone 3.0.4
7.5
CVSSv2
CVE-2008-4864
Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 up to and including 2.5.1 allow context-dependent malicious users to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to ...
Python Python
2 EDB exploits
7.5
CVSSv2
CVE-2008-3142
Multiple buffer overflows in Python 2.5.2 and previous versions on 32bit platforms allow context-dependent malicious users to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string proce...
Python Python
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
7.5
CVSSv2
CVE-2008-3143
Multiple integer overflows in Python prior to 2.5.2 might allow context-dependent malicious users to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9)...
Python Python
7.5
CVSSv2
CVE-2008-2315
Multiple integer overflows in Python 2.5.2 and previous versions allow context-dependent malicious users to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and...
Python Python
7.5
CVSSv2
CVE-2008-2316
Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and previous versions might allow context-dependent malicious users to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB."
Python Python
7.5
CVSSv2
CVE-2008-1721
Integer signedness error in the zlib extension module in Python 2.5.2 and previous versions allows remote malicious users to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.
Python Python
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »