scripts/amsvis/powerpcAMS/amsnet.py in powerpc-utils-python uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object.
References
Configurations
History
13 Feb 2023, 00:44
Type | Values Removed | Values Added |
---|---|---|
Summary | scripts/amsvis/powerpcAMS/amsnet.py in powerpc-utils-python uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object. | |
References |
|
02 Feb 2023, 20:19
Type | Values Removed | Values Added |
---|---|---|
Summary | It was found that the amsvis command of the powerpc-utils-python package did not verify unpickled data before processing it. This could allow an attacker who can connect to an amsvis server process (or cause an amsvis client process to connect to them) to execute arbitrary code as the user running the amsvis process. | |
References |
|
Information
Published : 2015-02-19 15:59
Updated : 2023-12-10 11:31
NVD link : CVE-2014-8165
Mitre link : CVE-2014-8165
CVE.ORG link : CVE-2014-8165
JSON object : View
Products Affected
powerpc-utils_project
- powerpc-utils
CWE
CWE-345
Insufficient Verification of Data Authenticity