CVE-2012-0845
Python <2.6.8, <2.7.x-<2.7.3, <3.x-<3.1.5, <3.2.x-<3.2.3 - DoS
Title source: llmDescription
SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified by the Content-Length header.
References (21)
Core 21
Core References
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/02/13/4
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1615-1
Patch, Vendor Advisory x_refsource_confirm
http://python.org/download/releases/3.2.3/
Exploit x_refsource_confirm
http://bugs.python.org/issue14001
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/51087
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1592-1
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1026689
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1616-1
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/51040
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=789790
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/50858
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/51089
Patch, Vendor Advisory x_refsource_confirm
http://python.org/download/releases/2.6.8/
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1596-1
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1613-2
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/51024
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1613-1
Patch, Vendor Advisory x_refsource_confirm
http://python.org/download/releases/3.1.5/
Patch, Vendor Advisory x_refsource_confirm
http://python.org/download/releases/2.7.3/
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
Scores
EPSS
0.0277
EPSS Percentile
86.2%
Details
CWE
CWE-399
Status
published
Products (49)
python/python
0.9.0
python/python
0.9.1
python/python
1.2
python/python
1.3
python/python
1.5.2
python/python
1.6
python/python
1.6.1
python/python
2.0
python/python
2.0.1
python/python
2.1
... and 39 more
Published
Oct 05, 2012
Tracked Since
Feb 18, 2026