Vulnerability Details : CVE-2005-2875
Py2Play allows remote attackers to execute arbitrary Python code via pickled objects, which Py2Play unpickles and executes.
Products affected by CVE-2005-2875
- cpe:2.3:a:py2play:py2play:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-2875
1.30%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 86 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2005-2875
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2005-2875
-
http://soya.literati.org/
Vendor Advisory
-
https://bugs.gentoo.org/show_bug.cgi?id=103524
103524 – dev-python/py2play: gives control of local system to other playersVendor Advisory
-
http://www.securityfocus.com/bid/14864
-
http://www.gentoo.org/security/en/glsa/glsa-200509-09.xml
Py2Play: Remote execution of arbitrary Python code (GLSA 200509-09) — Gentoo security
-
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326976
#326976 - py2play security vulnerability - Debian Bug report logsVendor Advisory
-
http://www.debian.org/security/2005/dsa-856
Debian -- Security Information -- DSA-856-1 py2play
Jump to