CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-0317

Untrusted search path vulnerability in the Python language bindings for Nautilus (nautilus-python) allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.6%

CVSS Severity

CVSS v2 Score 6.9

References

http://www.openwall.com/lists/oss-security/2009/01/26/2
http://www.securityfocus.com/bid/33442
https://bugzilla.redhat.com/show_bug.cgi?id=481570
http://www.openwall.com/lists/oss-security/2009/01/26/2
http://www.securityfocus.com/bid/33442
https://bugzilla.redhat.com/show_bug.cgi?id=481570

Products affected by CVE-2009-0317

Gnome » Nautilus-Python » Version: Any

cpe:2.3:a:gnome:nautilus-python:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-0317

Products

Pricing

Contact Us