Python Integer Overflow Vulnerability - 01 Oct14 (Windows) Network Vulnerability

Summary

The host is installed with Python and is prone to integer overflow vulnerability.

Impact

Successful exploitation will allow remote attackers to gain access to potentially sensitive information or cause a denial of service. Impact Level: Application

Solution

Upgrade to version 2.7.8 or later, For updates refer to https://www.python.org

Insight

Flaw exists as the user-supplied input is not properly validated when handling large buffer sizes and/or offsets.

Affected

Python 2.7.x before version 2.7.8 on Windows.

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://bugs.python.org/issue2183
http://osvdb.com/112028
http://xforce.iss.net/xforce/xfdb/96193

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-7185

CVSS	Base Score: 6.4 AV:N/AC:L/Au:N/C:P/I:N/A:P

Related Vulnerabilities

Apple Safari Address Bar Spoofing Vulnerability june-10 (Win)
Adobe Reader Multiple Unspecified Vulnerabilities Jun06 (Mac OS X)
Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Mac OS X)
Adobe Reader Unspecified Vulnerability (Windows)
Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Mac OS X)

Take action and discover your vulnerabilities