Code Injection in Apple Swift



| Updated: 2020-08-11
Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2012-4406
CWE-ID CWE-94
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		Swift
Universal components / Libraries / Scripting languages

Vendor Apple Inc.

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Code Injection

EUVDB-ID: #VU43390

Risk: Medium

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2012-4406

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Swift: 1.0.0 - 1.5.0

CPE2.3 External links

http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089472.html
http://rhn.redhat.com/errata/RHSA-2012-1379.html
http://rhn.redhat.com/errata/RHSA-2013-0691.html
http://www.openwall.com/lists/oss-security/2012/09/05/16
http://www.openwall.com/lists/oss-security/2012/09/05/4
http://www.securityfocus.com/bid/55420
http://bugs.launchpad.net/swift/+bug/1006414
http://bugzilla.redhat.com/show_bug.cgi?id=854757
http://exchange.xforce.ibmcloud.com/vulnerabilities/79140
http://github.com/openstack/swift/commit/e1ff51c04554d51616d2845f92ab726cb0e5831a
http://launchpad.net/swift/+milestone/1.7.0


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###