CVE-2013-7323

python-gnupg before 0.3.5 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in unspecified vectors.

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

References

Link	Resource
http://seclists.org/oss-sec/2014/q1/243
http://seclists.org/oss-sec/2014/q1/244	Exploit
http://seclists.org/oss-sec/2014/q1/294	Exploit
http://secunia.com/advisories/56616
http://secunia.com/advisories/59031
http://www.debian.org/security/2014/dsa-2946
https://code.google.com/p/python-gnupg/	Vendor Advisory
http://seclists.org/oss-sec/2014/q1/243
http://seclists.org/oss-sec/2014/q1/244	Exploit
http://seclists.org/oss-sec/2014/q1/294	Exploit
http://secunia.com/advisories/56616
http://secunia.com/advisories/59031
http://www.debian.org/security/2014/dsa-2946
https://code.google.com/p/python-gnupg/	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:vinay_sajip:python-gnupg::::::::
	cpe:2.3:a:vinay_sajip:python-gnupg:0.3.0:::::::*
	cpe:2.3:a:vinay_sajip:python-gnupg:0.3.1:::::::*
	cpe:2.3:a:vinay_sajip:python-gnupg:0.3.2:::::::*
	cpe:2.3:a:vinay_sajip:python-gnupg:0.3.3:::::::*

History

21 Nov 2024, 02:00

Type	Values Removed	Values Added
References	~~() http://seclists.org/oss-sec/2014/q1/243 -~~	() http://seclists.org/oss-sec/2014/q1/243 -
References	~~() http://seclists.org/oss-sec/2014/q1/244 - Exploit~~	() http://seclists.org/oss-sec/2014/q1/244 - Exploit
References	~~() http://seclists.org/oss-sec/2014/q1/294 - Exploit~~	() http://seclists.org/oss-sec/2014/q1/294 - Exploit
References	~~() http://secunia.com/advisories/56616 -~~	() http://secunia.com/advisories/56616 -
References	~~() http://secunia.com/advisories/59031 -~~	() http://secunia.com/advisories/59031 -
References	~~() http://www.debian.org/security/2014/dsa-2946 -~~	() http://www.debian.org/security/2014/dsa-2946 -
References	~~() https://code.google.com/p/python-gnupg/ - Vendor Advisory~~	() https://code.google.com/p/python-gnupg/ - Vendor Advisory

Information

Published : 2014-06-09 19:55

Updated : 2024-11-21 02:00

NVD link : CVE-2013-7323

Mitre link : CVE-2013-7323

CVE.ORG link : CVE-2013-7323

JSON object : View

Products Affected

vinay_sajip

CWE

NVD-CWE-Other