CVE-2014-4616
MEDIUM severity · CVSS 5.9 · CWE-129
5.9CVSS MEDIUM
Summary
Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.
Impact & exploitability
Attack vectorNetwork
Attack complexityHigh
Privileges requiredNone
User interactionNone
Confidentiality impactHigh
Integrity impactNone
Availability impactNone
Exploit probability (EPSS)8%
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products we track (1)
Recommendation
Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.
Official patch: https://bugzilla.redhat.com/show_bug.cgi?id=1112285 ↗
Additional information
- NVD record
- https://bugzilla.redhat.com/show_bug.cgi?id=1112285Patch
- https://hackerone.com/reports/12297Patch
- http://bugs.python.org/issue21529Advisory
- http://lists.opensuse.org/opensuse-updates/2014-07/msg00015.htmlAdvisory
- http://openwall.com/lists/oss-security/2014/06/24/7Advisory
- http://rhn.redhat.com/errata/RHSA-2015-1064.htmlAdvisory
- http://www.securityfocus.com/bid/68119Advisory
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752395Advisory