FortiClient Vulnerability

Python Vulnerability CVE-2017-17522

Description

** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting.

Affected Applications

Python

CVE References

CVE-2017-17522

Other References

https://bugs.python.org/

ID	67142
Created	Apr 29, 2021
Description Updated	Feb 16, 2022
Risk
Coverage	FortiClient
OS	Windows
Vendor	Python Software Foundation
Patch	manual
Application	Python

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

Python Vulnerability CVE-2017-17522

Description

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

Python Vulnerability CVE-2017-17522

Description

Affected Applications

CVE References

Other References

Threat Intelligence
Center