CVSS: 5.0EPSS: 6%CPEs: 1EXPL: 1CVE-2013-2131 – Python RRDtool Module - Function Format String
https://notcve.org/view.php?id=CVE-2013-2131
Format string vulnerability in the rrdtool module 1.4.7 for Python, as used in Zenoss, allows context-dependent attackers to cause a denial of service (crash) via format string specifiers to the rrdtool.graph function. Vulnerabilidad de cadena de formato en el módulo rrdtool 1.4.7 para Python, utilizado en Zenoss, permite a atacantes dependientes de contexto causar una denegación de servicio (caída) a través de especificadores de cadenas de formatos en la función rrdtool.graph. • https://www.exploit-db.com/exploits/38521 http://www.openwall.com/lists/oss-security/2013/04/18/5 http://www.openwall.com/lists/oss-security/2013/05/19/5 http://www.openwall.com/lists/oss-security/2013/05/31/2 https://bugzilla.redhat.com/show_bug.cgi?id=969296 https://github.com/oetiker/rrdtool-1.x/issues/396 https://github.com/oetiker/rrdtool-1.x/pull/397 • CWE-134: Use of Externally-Controlled Format String •