Описание
Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow.
Ссылки
- ExploitIssue TrackingVendor Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Not Applicable
- Not Applicable
- Not Applicable
- Not Applicable
- Not Applicable
- Not Applicable
- Not Applicable
- Not Applicable
- Third Party Advisory
- Third Party Advisory
- Broken Link
- PatchThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Одно из
EPSS
9.3 Critical
CVSS2
Дефекты
Связанные уязвимости
Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow.
Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow.
Python 2.5.2 and earlier allows context-dependent attackers to execute ...
Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow.
EPSS
9.3 Critical
CVSS2