Bug 835496 (CVE-2012-2639) - CVE-2012-2639 python (SimpleHTTPServer): XSS attacks against Internet Explorer 7 via UTF-7 encoding
Summary: CVE-2012-2639 python (SimpleHTTPServer): XSS attacks against Internet Explore...
Keywords:
Status: CLOSED DUPLICATE of bug 803500
Alias: CVE-2012-2639
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 835499
TreeView+ depends on / blocked
 
Reported: 2012-06-26 11:06 UTC by Jan Lieskovsky
Modified: 2019-09-29 12:53 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-06-26 12:35:12 UTC
Embargoed:

Attachments (Terms of Use)

Description Jan Lieskovsky 2012-06-26 11:06:11 UTC 
Common Vulnerabilities and Exposures assigned an identifier CVE-2012-2639 to the following vulnerability:

The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer 7 via UTF-7 encoding.

References:
[1] http://bugs.python.org/issue11442
[2] http://jvn.jp/en/jp/JVN51176027/index.html
[3] http://jvndb.jvn.jp/jvndb/JVNDB-2012-000063

Relevant upstream patch:
[4] http://hg.python.org/cpython/rev/e9724d7abbc2
Comment 1 Jan Lieskovsky 2012-06-26 11:09:17 UTC 
This issue did NOT affect the version of the python package, as shipped
with Red Hat Enterprise Linux 5.

--

This issue did NOT affect the version of the python package, as shipped
with Red Hat Enterprise Linux 6.

--

This issue did NOT affect the versions of the python package, as shipped
with Fedora release of 16 and 17.

This issue did NOT affect the version of the python26 package, as shipped
with Fedora EPEL 5.

This issue did NOT affect the versions of the python3 package, as shipped
with Fedora release of 16 and 17.
Comment 2 Thomas Spura 2012-06-26 11:32:20 UTC 
This is a dublicate of CVE-2011-4940, described in bug #803500 and seems to be addressed already:
https://rhn.redhat.com/errata/RHSA-2012-0744.html

(I cannot access the possible rhel6 security bug, which this depends on.)
Comment 3 Jan Lieskovsky 2012-06-26 12:31:35 UTC 
(In reply to comment #2)
> This is a dublicate of CVE-2011-4940, described in bug #803500

Thanks Thomas, you are right (I have had an impression I have seen this somewhere already). Will request CVE-2012-2639 id rejection then.

> and seems to
> be addressed already:
> https://rhn.redhat.com/errata/RHSA-2012-0744.html
> 
> (I cannot access the possible rhel6 security bug, which this depends on.)

And due the corrected RHEL-6 packages, you were correct too. I have checked python-2.6.5-3.el6_0.2 before, which doesn't contain the fix yet, but obviously those from RHSA-2012-0744 (python-2.6.6-29.el6_2.2) contain it already.
Comment 4 Jan Lieskovsky 2012-06-26 12:35:12 UTC 

*** This bug has been marked as a duplicate of bug 803500 ***
Note You need to log in before you can comment on or make changes to this bug.