Test Kennung:	1.3.6.1.4.1.25623.1.0.118269
Kategorie:	Denial of Service
Titel:	Python < 2.7.4, 3.2.x < 3.2.4 Vulnerability in the utf-16 decoder after error handling (bpo-14579) - Linux
Zusammenfassung:	Python is prone to a vulnerability in the UTF-16 decoder.
Beschreibung:	Summary: Python is prone to a vulnerability in the UTF-16 decoder. Vulnerability Insight: The utf-16 decoder in Python does not update the aligned_end variable after calling the unicode_decode_call_errorhandler function, which allows remote attackers to obtain sensitive information (process memory) or cause a denial of service (DoS) (memory corruption and crash) via unspecified vectors. Affected Software/OS: Python prior to version 2.7.4 and 3.2.x prior to 3.2.4. Solution: Update to version 2.7.4, 3.2.4 or later. CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2135 51087 http://secunia.com/advisories/51087 51089 http://secunia.com/advisories/51089 USN-1615-1 http://www.ubuntu.com/usn/USN-1615-1 USN-1616-1 http://www.ubuntu.com/usn/USN-1616-1 [oss-security] 20120425 CVE Request: Python 3.2/3.3 utf-16 decoder unicode_decode_call_errorhandler aligned_end is not updated http://www.openwall.com/lists/oss-security/2012/04/25/2 [oss-security] 20120425 Re: CVE Request: Python 3.2/3.3 utf-16 decoder unicode_decode_call_errorhandler aligned_end is not updated http://www.openwall.com/lists/oss-security/2012/04/25/4 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670389 http://bugs.python.org/issue14579
Copyright	Copyright (C) 2021 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.