Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:27204
HistoryOct 24, 2011 - 12:00 a.m.

Google App Enging SDK Code Execution Vulnerability (CVE 2011-1364)

2011-10-2400:00:00
vulners.com
12
JSON

We recently identified an interesting code execution vulnerability in the
Google App Engine SDK for Python. By combining a CSRF vulnerability in the
administration web UI, with some other unique vulnerabilities we found in
the Google python libraries, a remote hacker could gain remote code
execution privileges on victim's machine. This vulnerability affects all
operation systems running Google App Engine SDK for python (i.e. Windows,
Mac OS, etc.).

Full advisory can be found at:

http://blog.watchfire.com/wfblog/2011/10/google-app-engine-cve-2011-1364.html

-Adish
Adi Sharabani
Security Strategist, Master Inventor, IBM

Related

prion 4
cve 4
securityvulns 1
prion
prion
Cross site request forgery (csrf)
2011-10-30 19:55:00
Design/Logic Flaw
2011-10-30 19:55:00
Design/Logic Flaw
2011-10-30 19:55:00
cve
cve
CVE-2011-1364
2011-10-30 19:55:00
CVE-2011-4212
2011-10-30 19:55:00
CVE-2011-4213
2011-10-30 19:55:00
securityvulns
securityvulns
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2011-10-24 00:00:00
JSON
Related for SECURITYVULNS:DOC:27204
prion4cve4securityvulns1