Format string vulnerability in the p_cgi_error function in python/neo_cgi.c in the Python CGI Kit (neo_cgi) module for Clearsilver 0.10.5 and previous versions allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are not properly handled when creating CGI error messages using the cgi_error API function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
brandon long clearsilver 0.9.14 |
||
brandon long clearsilver 0.9.7 |
||
brandon long clearsilver 0.7.2 |
||
brandon long clearsilver 0.7.1 |
||
brandon long clearsilver 0.2 |
||
brandon long clearsilver 0.1 |
||
brandon long clearsilver 0.10.4 |
||
brandon long clearsilver 0.10.3 |
||
brandon long clearsilver 0.9.2 |
||
brandon long clearsilver 0.9.1 |
||
brandon long clearsilver 0.5 |
||
brandon long clearsilver 0.4 |
||
brandon long clearsilver 0.10.2 |
||
brandon long clearsilver 0.10.1 |
||
brandon long clearsilver 0.9.0 |
||
brandon long clearsilver 0.8.1 |
||
brandon long clearsilver 0.8.0 |
||
brandon long clearsilver 0.3 |
||
brandon long clearsilver 0.2.1 |
||
brandon long clearsilver |
||
brandon long clearsilver 0.9.6 |
||
brandon long clearsilver 0.9.3 |
||
brandon long clearsilver 0.7 |
||
brandon long clearsilver 0.6 |