CVE-2014-7185
Published: 8 October 2014
Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.
Priority
Status
Package | Release | Status |
---|---|---|
python2.7 Launchpad, Ubuntu, Debian |
upstream |
Released
(2.7.8)
|
lucid |
Does not exist
|
|
precise |
Released
(2.7.3-0ubuntu3.8)
|
|
trusty |
Released
(2.7.6-8ubuntu0.2)
|
|
utopic |
Not vulnerable
(2.7.8-10ubuntu1)
|
|
vivid |
Not vulnerable
|
|
Patches: upstream: https://hg.python.org/cpython/rev/8d963c7db507/ |
||
python3.2 Launchpad, Ubuntu, Debian |
upstream |
Not vulnerable
|
lucid |
Does not exist
|
|
precise |
Not vulnerable
(code not present)
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
utopic |
Does not exist
|
|
vivid |
Does not exist
|
|
python3.4 Launchpad, Ubuntu, Debian |
upstream |
Not vulnerable
|
lucid |
Does not exist
|
|
precise |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Not vulnerable
(code not present)
|
|
utopic |
Not vulnerable
(code not present)
|
|
vivid |
Not vulnerable
(code not present)
|