5

CVE-2012-1150

Exploit

EPSS 1.58%
Published 05.10.2012 21:55:01
Last modified 11.04.2025 00:51:21
Source secalert@redhat.com
Teams watchlist Login
Open Login

Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.

Affected products Warnungen 0 Metrics 2 CWE 0 References 21

Data is provided by the National Vulnerability Database (NVD)

Python ≫ Python Version <= 2.6.7

Python ≫ Python Version0.9.0

Python ≫ Python Version0.9.1

Python ≫ Python Version1.2

Python ≫ Python Version1.3

Python ≫ Python Version1.5.2

Python ≫ Python Version1.6

Python ≫ Python Version1.6.1

Python ≫ Python Version2.0

Python ≫ Python Version2.0.1

Python ≫ Python Version2.1

Python ≫ Python Version2.1.1

Python ≫ Python Version2.1.2

Python ≫ Python Version2.1.3

Python ≫ Python Version2.2

Python ≫ Python Version2.2.1

Python ≫ Python Version2.2.2

Python ≫ Python Version2.2.3

Python ≫ Python Version2.3.1

Python ≫ Python Version2.3.2

Python ≫ Python Version2.3.3

Python ≫ Python Version2.3.4

Python ≫ Python Version2.3.5

Python ≫ Python Version2.3.7

Python ≫ Python Version2.4.1

Python ≫ Python Version2.4.2

Python ≫ Python Version2.4.3

Python ≫ Python Version2.4.4

Python ≫ Python Version2.4.6

Python ≫ Python Version2.5.1

Python ≫ Python Version2.5.2

Python ≫ Python Version2.5.3

Python ≫ Python Version2.5.4

Python ≫ Python Version2.5.6

Python ≫ Python Version2.5.150

Python ≫ Python Version2.6.1

Python ≫ Python Version2.6.2

Python ≫ Python Version2.6.3

Python ≫ Python Version2.6.4

Python ≫ Python Version2.6.5

Python ≫ Python Version2.6.6

Python ≫ Python Version2.6.2150

Python ≫ Python Version2.6.6150

Python ≫ Python Version2.7.1

Python ≫ Python Version2.7.1 Updaterc1

Python ≫ Python Version2.7.2 Updaterc1

Python ≫ Python Version2.7.1150

Python ≫ Python Version2.7.2150

Python ≫ Python Version3.0

Python ≫ Python Version3.0.1

Python ≫ Python Version3.1

Python ≫ Python Version3.1.1

Python ≫ Python Version3.1.2

Python ≫ Python Version3.1.3

Python ≫ Python Version3.1.4

Python ≫ Python Version3.2

Python ≫ Python Version3.2 Updatealpha

Python ≫ Python Version3.2.2150

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.58%	0.81

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

http://secunia.com/advisories/50858

http://secunia.com/advisories/51087

http://www.ubuntu.com/usn/USN-1596-1

http://www.ubuntu.com/usn/USN-1616-1

http://www.ubuntu.com/usn/USN-1592-1

http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

http://secunia.com/advisories/51089

http://www.ubuntu.com/usn/USN-1615-1

http://python.org/download/releases/2.6.8/

Patch

Vendor Advisory

http://python.org/download/releases/2.7.3/

Patch

Vendor Advisory

http://python.org/download/releases/3.1.5/

Patch

Vendor Advisory

http://python.org/download/releases/3.2.3/

Patch

Vendor Advisory

http://bugs.python.org/issue13703

Exploit

http://mail.python.org/pipermail/python-dev/2011-December/115116.html

http://mail.python.org/pipermail/python-dev/2012-January/115892.html

http://www.openwall.com/lists/oss-security/2012/03/10/3

https://bugzilla.redhat.com/show_bug.cgi?id=750555

https://nvd.nist.gov/vuln/detail/CVE-2012-1150

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-1150

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-1150

EUVD