CVE-2015-1326

2015-05-1200:00:00

ubuntu.com

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

57.9%

JSON

python-dbusmock before version 0.15.1 AddTemplate() D-Bus method call or
DBusTestCase.spawn_server_template() method could be tricked into executing
malicious code if an attacker supplies a .pyc file.

Bugs

<https://bugs.launchpad.net/python-dbusmock/+bug/1453815>

OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchpython-dbusmock< 0.10.1-1ubuntu1UNKNOWN
ubuntu14.10noarchpython-dbusmock< 0.11.4-1ubuntu1UNKNOWN
ubuntu15.04noarchpython-dbusmock< 0.14-1ubuntu2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	14.04	noarch	python-dbusmock	< 0.10.1-1ubuntu1	UNKNOWN
ubuntu	14.10	noarch	python-dbusmock	< 0.11.4-1ubuntu1	UNKNOWN
ubuntu	15.04	noarch	python-dbusmock	< 0.14-1ubuntu2	UNKNOWN