Statements (15)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:security
|
| gptkbp:affects_software |
gptkb:Python
|
| gptkbp:attack_vector |
remote
|
| gptkbp:describes |
Python before 2.7.4 and 3.x before 3.3.1 allows context-dependent attackers to execute arbitrary code via a crafted XML document, related to an XML External Entity (XXE) issue in the xml.parsers.expat module.
|
| gptkbp:has_patch |
Python 2.7.4
Python 3.3.1 |
| gptkbp:hasCVSSScore |
7.5
|
| gptkbp:impact |
information disclosure
arbitrary code execution |
| gptkbp:publicationDate |
2012-09-17
|
| gptkbp:vulnerableTo |
gptkb:CVE-2012-4929
XML External Entity (XXE) |
| gptkbp:bfsParent |
gptkb:CRIME_attack
|
| gptkbp:bfsLayer |
7
|
| https://www.w3.org/2000/01/rdf-schema#label |
CVE-2012-4929
|