Lucene search

[email protected]CVE-2014-7185

HistoryOct 08, 2014 - 5:55 p.m.

CVE-2014-7185

2014-10-0817:55:05

CWE-189

[email protected]

web.nvd.nist.gov

104

cve

python

2.7.8

integer overflow

bufferobject.c

nvd

security vulnerability

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

7.1 High

AI Score

Confidence

Low

0.019 Low

EPSS

Percentile

88.6%

JSON

Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a “buffer” function.

Affected configurations

NVD

Node

pythonpythonRange≤2.7.7

pythonpythonMatch2.7.1

pythonpythonMatch2.7.1rc1

pythonpythonMatch2.7.2rc1

pythonpythonMatch2.7.3

pythonpythonMatch2.7.4

pythonpythonMatch2.7.5

pythonpythonMatch2.7.6

pythonpythonMatch2.7.1150

pythonpythonMatch2.7.1150x64

pythonpythonMatch2.7.2150

Node

applemac_os_xRange≤10.10.4

CPENameOperatorVersion
python:pythonpythonle2.7.7
python:pythonpythoneq2.7.1
python:pythonpythoneq2.7.2
python:pythonpythoneq2.7.3
python:pythonpythoneq2.7.4
python:pythonpythoneq2.7.5
python:pythonpythoneq2.7.6
python:pythonpythoneq2.7.1150
python:pythonpythoneq2.7.2150

CPE	Name	Operator	Version
python:python	python	le	2.7.7
python:python	python	eq	2.7.1
python:python	python	eq	2.7.2
python:python	python	eq	2.7.3
python:python	python	eq	2.7.4
python:python	python	eq	2.7.5
python:python	python	eq	2.7.6
python:python	python	eq	2.7.1150
python:python	python	eq	2.7.2150