Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6547

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-6547
Last Modified 19 Aug 2009 01:24:02
Published 29 Mar 2009 09:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6547

Summary

schema.py in FormEncode for Python (python-formencode) 1.0 does not apply the chained_validators feature, which allows attackers to bypass intended access restrictions via unknown vectors.

Vulnerable Systems

Application

  • Formencode 1.0


References

CONFIRM - http://sourceforge.net/tracker/download.php?group_id=91231&atid=596416&file_id=271779&aid=1925164

FEDORA - FEDORA-2008-6312

XF - formencode-chainedvalidators-sec-bypass(43878)

BID - 30282

CONFIRM - http://sourceforge.net/tracker/index.php?func=detail&aid=1925164&group_id=91231&atid=596416

SECUNIA - 31163

SECUNIA - 31081

OSVDB - 47082


Last Updated: 27 May 2016 10:49:14