Required CVE Record Information
Description
mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module.
References 6 Total
- iss.net: modpython-imported-module-access(8997) vdb-entry
- securityfocus.com: 4656 vdb-entry
- http://www.modpython.org/pipermail/mod_python/2002-April/002003.html
- http://www.modpython.org/pipermail/mod_python/2002-April/001991.html
- redhat.com: RHSA-2002:070 vendor-advisory
- distro.conectiva.com.br: CLA-2002:477 vendor-advisory
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 6 Total
- iss.net: modpython-imported-module-access(8997) vdb-entryx_transferred
- securityfocus.com: 4656 vdb-entryx_transferred
- http://www.modpython.org/pipermail/mod_python/2002-April/002003.html x_transferred
- http://www.modpython.org/pipermail/mod_python/2002-April/001991.html x_transferred
- redhat.com: RHSA-2002:070 vendor-advisoryx_transferred
- distro.conectiva.com.br: CLA-2002:477 vendor-advisoryx_transferred