Launchpad CVE tracker

CVE 2015-1326

python-dbusmock before version 0.15.1 AddTemplate() D-Bus method call or DBusTestCase.spawn_server_template() method could be tricked into executing malicious code if an attacker supplies a .pyc file.

Related bugs and status

CVE-2015-1326 (Candidate) is related to these bugs:

Bug #1453815: arbitrary code execution or file overwrite when templates are loaded from /tmp

		In	Importance	Status
1453815	arbitrary code execution or file overwrite when templates are loaded from /tmp	python-dbusmock	Medium	Fix Released
1453815	arbitrary code execution or file overwrite when templates are loaded from /tmp	python-dbusmock (Ubuntu)	Medium	Fix Released
1453815	arbitrary code execution or file overwrite when templates are loaded from /tmp	python-dbusmock (Ubuntu Wily)	Medium	Fix Released
1453815	arbitrary code execution or file overwrite when templates are loaded from /tmp	python-dbusmock (Ubuntu Trusty)	Medium	Fix Released
1453815	arbitrary code execution or file overwrite when templates are loaded from /tmp	python-dbusmock (Ubuntu Vivid)	Medium	Fix Released
1453815	arbitrary code execution or file overwrite when templates are loaded from /tmp	python-dbusmock (Ubuntu Utopic)	Medium	Fix Released
1453815	arbitrary code execution or file overwrite when templates are loaded from /tmp	python-dbusmock (Fedora)	Medium	Confirmed
1453815	arbitrary code execution or file overwrite when templates are loaded from /tmp	python-dbusmock (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2015-1326

References