Multiple Format String Vulnerabilities in RRDtool Python Module in Zenoss Core and Other Products (ZEN-15415)

Multiple Format String Vulnerabilities in RRDtool Python Module in Zenoss Core and Other Products (ZEN-15415)

CVE-2014-6262 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Multiple format string vulnerabilities in the python module in RRDtool, as used in Zenoss Core before 4.2.5 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted third argument to the rrdtool.graph function, aka ZEN-15415, a related issue to CVE-2013-2131.

Learn more about our Web Application Penetration Testing UK.