CVE-2014-7185

Опубликовано: 08 окт. 2014

Источник: debian

EPSS Низкий

Описание

Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
python2.5	removed			package
python2.5	no-dsa		squeeze	package
python2.6	removed			package
python2.6	no-dsa		squeeze	package
python2.6	no-dsa		wheezy	package
python2.7	fixed	2.7.8-1		package
python2.7	no-dsa		wheezy	package

Примечания

http://bugs.python.org/issue21831
Upstream fix http://hg.python.org/cpython/rev/8d963c7db507

EPSS

Процентиль: 78%

0.01208

Низкий

Связанные уязвимости

CVE-2014-7185

ubuntu

больше 10 лет назад

Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.

CVE-2014-7185

redhat

почти 11 лет назад

Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.

CVE-2014-7185

nvd

больше 10 лет назад

Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.

GHSA-4p82-prjq-g7wr

github

около 3 лет назад

Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.

SUSE-SU-2015:1344-1

suse-cvrf

почти 10 лет назад

Security update for python

EPSS

Процентиль: 78%

0.01208

Низкий