365NEWSX
365NEWSX
Subscribe

Welcome

15-Year-Old Unpatched Python Vulnerability Potentially Affects Over 350,000 Projects - The Hacker News

15-Year-Old Unpatched Python Vulnerability Potentially Affects Over 350,000 Projects - The Hacker News

15-Year-Old Unpatched Python Vulnerability Potentially Affects Over 350,000 Projects - The Hacker News
Sep 22, 2022 31 secs

The shortcoming, tracked as CVE-2007-4559 (CVSS score: 6.8), is rooted in the tarfile module, successful exploitation of which could lead to code execution from an arbitrary file write.

"The vulnerability is a path traversal attack in the extract and extractall functions in the tarfile module that allow an attacker to overwrite arbitrary files by adding the '..' sequence to filenames in a TAR archive," Trellix security researcher Kasimir Schulz said in a writeup.

Originally disclosed in August 2007, the bug has to do with how a specially crafted tar archive can be leveraged to overwrite arbitrary files on a target machine simply upon opening the file.


1 Impotence drugs that may kill off cancer cells could boost survival rates - Daily Mail

Oct 04, 2022 # health 1 min, 3 secs

2 Galaxy S23 cases hint at different camera design featuring a thin hump - SamMobile - Samsung news

Oct 03, 2022 # technology 1 min, 7 secs

3 Judge orders chocolate maker to destroy its chocolate bunnies - KSL.com

Oct 02, 2022 # politics 30 secs

4 'Sister Wives' star Kody Brown asked his 3 remaining wives to 'conform to patriarchy' after Christine announced she was leaving him - Yahoo! Voices

Oct 03, 2022 # entertainment 34 secs

5 Inmate serving life for fatal Vegas bombing escapes prison - The Associated Press

Sep 28, 2022 # politics 26 secs

6 'House of the Dragon' star Olivia Cooke says she had a 'full mental breakdown' at age 22: 'It was bad' - Yahoo Life

Oct 02, 2022 # entertainment 22 secs

7 Celebrities at Paris Fashion Week 2022: Hailey Bieber, Zoe Kravitz, more - Page Six

Sep 28, 2022 # entertainment 12 secs

8 I won't buy the Google Pixel 7 unless it fixes these three problems - TechRadar

Oct 02, 2022 # technology 1 min, 39 secs

9 Venezuela frees seven jailed Americans in swap for two Maduro relatives

Oct 02, 2022 # breaking 1 min, 48 secs

10 Feds seek to fast-track appeal in Trump Mar-a-Lago documents fight - POLITICO

Oct 01, 2022 # politics 1 min, 16 secs

11 Ruben Fleischer To Direct Next ‘Now You See Me’ Pic For Lionsgate - Deadline

Sep 29, 2022 # entertainment 47 secs

12 Amber Heard emerges in Spain with daughter Oonagh after Johnny Depp trial - Page Six

Sep 30, 2022 # entertainment 50 secs

13 Fungus is telltale cancer sign, possibly screenable by blood test: Israel-US study - The Times of Israel

Oct 02, 2022 # health 1 min, 14 secs

14 Unaffiliated neurotrauma consultant who evaluated Miami Dolphins QB Tua Tagovailoa fired over 'several mistakes,' source says - ESPN

Oct 01, 2022 # politics 59 secs

15 "They can't arrest all of us": Why Iran's defiant young protesters "want the change today" - CBS News

Oct 04, 2022 # politics 1 min, 56 secs

16 More EV charging stations coming nationwide, electrifying 75K miles of highways

Sep 28, 2022 # breaking 1 min, 46 secs
SUBSCRIBE

Get monthly updates and free resources.

CONNECT WITH US

© Copyright 2022 365NEWSX - All RIGHTS RESERVED