MDVSA-2009:048-1 -- Mandriva epiphanyID: oval:org.secpod.oval:def:300828 | Date: (C)2012-01-07 (M)2021-09-12 |
Class: PATCH | Family: unix |
Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Epiphany working directory . This update provides fix for that vulnerability. Update: The previous update package was not built against the correct libxulrunner-1.9.0.6 library
Platform: |
Mandriva Linux 2009.0 |