Description
The utf-16 decoder in Python 3.1 through 3.3 does not update the aligned_end variable after calling the unicode_decode_call_errorhandler function, which allows remote attackers to obtain sensitive information (process memory) or cause a denial of service (memory corruption and crash) via unspecified vectors.
Remediation
References