Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Python27 insecure

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
DLTAZ Python27 insecure
Member 30th Jun, 2012 18:21
Ranking: 0
Posts: 1
User Since: 29th Jun, 2012
System Score: N/A
Location: N/A
A recurring problem?
The rescan solution to fixing the security vulnerabilities in the Python dll does not solve the problem because the offending dll is part of Scribus and not part of the Python programming package the solution wants to install. I updated Scribus to the latest version, rescanned and still have the error.

The following is the trouble shooting report from PSI:

Program Name:
Python 2.7.x

Security State:
Insecure

Download Link:
http://www.python.org/getit/

Instances Found:
C:\Program Files (x86)\Scribus 1.4.1\python27.dll, version: 2.7.1150.1013

Last System Scan (localtime):
30. Jun 2012, 09:13

Operating System:
Microsoft Windows 7

Any help in solving this problem would be greatly appreciated.

mogs RE: Python27 insecure
Expert Contributor 30th Jun, 2012 21:41
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
@DLTAZ

There was a very similar problem reported here :-
http://secunia.com/community/forum/thread/show/128...
It seems to suggest that Secunia amended their detection rules in that instance......they will be back in work on Monday, when hopefully they will pick up on your predicament.

Regards...........

--
Was this reply relevant?
+0
-0
J.Vemmer RE: Python27 insecure
Secunia Official 2nd Jul, 2012 09:32
Score: 5
Posts: 20
User Since: 5th Oct 2011
System Score: N/A
Location: Copenhagen, DK
Please perform a full system rescan with the PSI as issue should now be resolved.

--
Kind regards,

Jais Vemmer
xSI Signatures Specialist
antipodes RE: Python27 insecure
Member 8th Jul, 2012 02:08
Score: 0
Posts: 29
User Since: 22nd Oct 2008
System Score: N/A
Location: AU
I am continuing to receive the update alert for Python 2.7. Secunia show that Python 2.7 is appearing in one of my Cyberlink products PhotoDirector3. I contacted Cyberlink support asking for advice on how to update Python 2.7 and was told to wait for the next patch for that product. If this advice is appropriate why does Secunia keep advising that the program needs updating?

--
antipodes
Was this reply relevant?
+0
-0
ddmarshall RE: Python27 insecure
Dedicated Contributor 8th Jul, 2012 11:25
Score: 1211
Posts: 965
User Since: 8th Nov 2008
System Score: 98%
Location: UK
The Python runtime is included in a multitude of applications. Secunia cannot possibly be aware of all of them.

If you want Secunia to amend their rules, you should post the path where PSI detects Python as was done above. To improve the chance of Support spotting your post, start your own thread in the Programs forum.

--
This answer is provided “as-is.” You bear the risk of using it.
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer