Message 295502 - Python tracker

Message295502

Author	Duy Phan Thanh
Recipients	Duy Phan Thanh
Date	2017-06-09.09:07:09
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1496999230.33.0.525014821898.issue30610@psf.upfronthosting.co.za>
In-reply-to

Content
Python's libexpat library is outdated and vulnerable to CVE-2016-0718 https://sourceforge.net/p/expat/bugs/537/ which can cause remote code execution through malicious xml files. The attached POC crashed both python 2.7 and python 3.5 on my windows machine.

Content

Python's libexpat library is outdated and vulnerable to CVE-2016-0718 https://sourceforge.net/p/expat/bugs/537/
which can cause remote code execution through malicious xml files. The attached POC crashed both python 2.7 and python 3.5 on my windows machine.

History
Date	User	Action	Args
2017-06-09 09:07:10	Duy Phan Thanh	set	recipients: + Duy Phan Thanh
2017-06-09 09:07:10	Duy Phan Thanh	set	messageid: <1496999230.33.0.525014821898.issue30610@psf.upfronthosting.co.za>
2017-06-09 09:07:10	Duy Phan Thanh	link	issue30610 messages
2017-06-09 09:07:09	Duy Phan Thanh	create