RSS   Podatności dla 'Clearsilver'   RSS

2011-12-10
 
CVE-2011-4357

CWE-134
 

 
Format string vulnerability in the p_cgi_error function in python/neo_cgi.c in the Python CGI Kit (neo_cgi) module for Clearsilver 0.10.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are not properly handled when creating CGI error messages using the cgi_error API function.

 


Copyright 2024, cxsecurity.com

 

Back to Top