Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.
CPE | Name | Operator | Version |
---|---|---|---|
python | ge | 3.2.0 | |
python | lt | 3.4.9 | |
python | ge | 3.5.0 | |
python | lt | 3.5.6 | |
python | ge | 3.6.0 | |
python | lt | 3.6.5 | |
python | eq | 3.7.0 beta1 | |
python | eq | 3.7.0 beta2 | |
python | eq | 3.7.0 beta3 | |
python | eq | 3.7.0 beta4 |