5

CVE-2012-1150

Exploit

EPSS 1.03%
Veröffentlicht 05.10.2012 21:55:01
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 21

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Python ≫ Python Version <= 2.6.7

Python ≫ Python Version0.9.0

Python ≫ Python Version0.9.1

Python ≫ Python Version1.2

Python ≫ Python Version1.3

Python ≫ Python Version1.5.2

Python ≫ Python Version1.6

Python ≫ Python Version1.6.1

Python ≫ Python Version2.0

Python ≫ Python Version2.0.1

Python ≫ Python Version2.1

Python ≫ Python Version2.1.1

Python ≫ Python Version2.1.2

Python ≫ Python Version2.1.3

Python ≫ Python Version2.2

Python ≫ Python Version2.2.1

Python ≫ Python Version2.2.2

Python ≫ Python Version2.2.3

Python ≫ Python Version2.3.1

Python ≫ Python Version2.3.2

Python ≫ Python Version2.3.3

Python ≫ Python Version2.3.4

Python ≫ Python Version2.3.5

Python ≫ Python Version2.3.7

Python ≫ Python Version2.4.1

Python ≫ Python Version2.4.2

Python ≫ Python Version2.4.3

Python ≫ Python Version2.4.4

Python ≫ Python Version2.4.6

Python ≫ Python Version2.5.1

Python ≫ Python Version2.5.2

Python ≫ Python Version2.5.3

Python ≫ Python Version2.5.4

Python ≫ Python Version2.5.6

Python ≫ Python Version2.5.150

Python ≫ Python Version2.6.1

Python ≫ Python Version2.6.2

Python ≫ Python Version2.6.3

Python ≫ Python Version2.6.4

Python ≫ Python Version2.6.5

Python ≫ Python Version2.6.6

Python ≫ Python Version2.6.2150

Python ≫ Python Version2.6.6150

Python ≫ Python Version2.7.1

Python ≫ Python Version2.7.1 Updaterc1

Python ≫ Python Version2.7.2 Updaterc1

Python ≫ Python Version2.7.1150

Python ≫ Python Version2.7.2150

Python ≫ Python Version3.0

Python ≫ Python Version3.0.1

Python ≫ Python Version3.1

Python ≫ Python Version3.1.1

Python ≫ Python Version3.1.2

Python ≫ Python Version3.1.3

Python ≫ Python Version3.1.4

Python ≫ Python Version3.2

Python ≫ Python Version3.2 Updatealpha

Python ≫ Python Version3.2.2150

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.03%	0.766

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

http://secunia.com/advisories/50858

http://secunia.com/advisories/51087

http://www.ubuntu.com/usn/USN-1596-1

http://www.ubuntu.com/usn/USN-1616-1

http://www.ubuntu.com/usn/USN-1592-1

http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

http://secunia.com/advisories/51089

http://www.ubuntu.com/usn/USN-1615-1

http://python.org/download/releases/2.6.8/

Patch

Vendor Advisory

http://python.org/download/releases/2.7.3/

Patch

Vendor Advisory

http://python.org/download/releases/3.1.5/

Patch

Vendor Advisory

http://python.org/download/releases/3.2.3/

Patch

Vendor Advisory

http://bugs.python.org/issue13703

Exploit

http://mail.python.org/pipermail/python-dev/2011-December/115116.html

http://mail.python.org/pipermail/python-dev/2012-January/115892.html

http://www.openwall.com/lists/oss-security/2012/03/10/3

https://bugzilla.redhat.com/show_bug.cgi?id=750555

https://nvd.nist.gov/vuln/detail/CVE-2012-1150

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-1150

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-1150

EUVD