CVE-2014-8165
powerpc-utils - Remote Code Execution via Unsafe Pickle Deserialization
Title source: llmDescription
scripts/amsvis/powerpcAMS/amsnet.py in powerpc-utils-python uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object.
References (6)
Core 6
Core References
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/02/09/4
Vendor Advisory mailing-list
x_refsource_mlist
http://sourceforge.net/p/powerpc-utils/mailman/message/32884230/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/100788
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1073139
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/72537
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2016-2607.html
Scores
EPSS
0.0276
EPSS Percentile
84.3%
Details
CWE
CWE-345
Status
published
Products (1)
powerpc-utils_project/powerpc-utils
Published
Feb 19, 2015
Tracked Since
Feb 18, 2026