Vulnerability Description
schema.py in FormEncode for Python (python-formencode) 1.0 does not apply the chained_validators feature, which allows attackers to bypass intended access restrictions via unknown vectors.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Formencode | Formencode | 1.0 |
Related Weaknesses (CWE)
References
- http://osvdb.org/47082
- http://secunia.com/advisories/31081Vendor Advisory
- http://secunia.com/advisories/31163Vendor Advisory
- http://sourceforge.net/tracker/download.php?group_id=91231&atid=596416&file_id=2Patch
- http://sourceforge.net/tracker/index.php?func=detail&aid=1925164&group_id=91231&
- http://www.securityfocus.com/bid/30282
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43878
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00607.html
- http://osvdb.org/47082
- http://secunia.com/advisories/31081Vendor Advisory
- http://secunia.com/advisories/31163Vendor Advisory
- http://sourceforge.net/tracker/download.php?group_id=91231&atid=596416&file_id=2Patch
- http://sourceforge.net/tracker/index.php?func=detail&aid=1925164&group_id=91231&
- http://www.securityfocus.com/bid/30282
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43878
FAQ
What is CVE-2008-6547?
CVE-2008-6547 is a vulnerability with a CVSS score of 7.5 (HIGH). schema.py in FormEncode for Python (python-formencode) 1.0 does not apply the chained_validators feature, which allows attackers to bypass intended access restrictions via unknown vectors.
How severe is CVE-2008-6547?
CVE-2008-6547 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-6547?
Check the references section above for vendor advisories and patch information. Affected products include: Formencode Formencode.