CVE-2012-1502

EPSS 25.6%

python-pam - double free

Published: 6/16/2012Modified: 4/28/2026

Description

Double free vulnerability in the PyPAM_conv in PAMmodule.c in PyPam 0.5.0 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a NULL byte in a password string.

Affected packages (2)

Debian/python-pamfrom 0, < 0.4.2-13
Debian/python-pamfrom 0, < 0.4.2-12.2+squeeze1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-1502