ByteOS Network

CVE Vulnerability Details :

CVE-2014-1912

PUBLISHED

More Info Official Page

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-28 Feb, 2014 | 18:00

Updated At-06 Aug, 2024 | 09:58

▼CVE Numbering Authority (CNA)

Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://hg.python.org/cpython/rev/87673659d8f7	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-updates/2014-04/msg00035.html	vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html	vendor-advisory x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2015-1064.html	vendor-advisory x_refsource_REDHAT
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html	x_refsource_CONFIRM
http://pastebin.com/raw.php?i=GHXSmNEg	x_refsource_MISC
http://bugs.python.org/issue20246	x_refsource_CONFIRM
http://www.debian.org/security/2014/dsa-2880	vendor-advisory x_refsource_DEBIAN
https://security.gentoo.org/glsa/201503-10	vendor-advisory x_refsource_GENTOO
http://www.securityfocus.com/bid/65379	vdb-entry x_refsource_BID
http://www.openwall.com/lists/oss-security/2014/02/12/16	mailing-list x_refsource_MLIST
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html	vendor-advisory x_refsource_APPLE
http://rhn.redhat.com/errata/RHSA-2015-1330.html	vendor-advisory x_refsource_REDHAT
http://www.exploit-db.com/exploits/31875	exploit x_refsource_EXPLOIT-DB
https://www.trustedsec.com/february-2014/python-remote-code-execution-socket-recvfrom_into/	x_refsource_MISC
https://support.apple.com/kb/HT205031	x_refsource_CONFIRM
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html	x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-2125-1	vendor-advisory x_refsource_UBUNTU
http://www.securitytracker.com/id/1029831	vdb-entry x_refsource_SECTRACK

Hyperlink: http://hg.python.org/cpython/rev/87673659d8f7

Resource:

x_refsource_CONFIRM

Hyperlink: http://lists.opensuse.org/opensuse-updates/2014-04/msg00035.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1064.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://pastebin.com/raw.php?i=GHXSmNEg

Resource:

x_refsource_MISC

Hyperlink: http://bugs.python.org/issue20246

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.debian.org/security/2014/dsa-2880

Resource:

vendor-advisory

x_refsource_DEBIAN

Hyperlink: https://security.gentoo.org/glsa/201503-10

Resource:

vendor-advisory

x_refsource_GENTOO

Hyperlink: http://www.securityfocus.com/bid/65379

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://www.openwall.com/lists/oss-security/2014/02/12/16

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

Resource:

vendor-advisory

x_refsource_APPLE

Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1330.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.exploit-db.com/exploits/31875

Resource:

exploit

x_refsource_EXPLOIT-DB

Hyperlink: https://www.trustedsec.com/february-2014/python-remote-code-execution-socket-recvfrom_into/

Resource:

x_refsource_MISC

Hyperlink: https://support.apple.com/kb/HT205031

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.ubuntu.com/usn/USN-2125-1

Resource:

vendor-advisory

x_refsource_UBUNTU

Hyperlink: http://www.securitytracker.com/id/1029831

Resource:

vdb-entry

x_refsource_SECTRACK

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://hg.python.org/cpython/rev/87673659d8f7	x_refsource_CONFIRM x_transferred
http://lists.opensuse.org/opensuse-updates/2014-04/msg00035.html	vendor-advisory x_refsource_SUSE x_transferred
http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html	vendor-advisory x_refsource_SUSE x_transferred
http://rhn.redhat.com/errata/RHSA-2015-1064.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html	x_refsource_CONFIRM x_transferred
http://pastebin.com/raw.php?i=GHXSmNEg	x_refsource_MISC x_transferred
http://bugs.python.org/issue20246	x_refsource_CONFIRM x_transferred
http://www.debian.org/security/2014/dsa-2880	vendor-advisory x_refsource_DEBIAN x_transferred
https://security.gentoo.org/glsa/201503-10	vendor-advisory x_refsource_GENTOO x_transferred
http://www.securityfocus.com/bid/65379	vdb-entry x_refsource_BID x_transferred
http://www.openwall.com/lists/oss-security/2014/02/12/16	mailing-list x_refsource_MLIST x_transferred
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html	vendor-advisory x_refsource_APPLE x_transferred
http://rhn.redhat.com/errata/RHSA-2015-1330.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.exploit-db.com/exploits/31875	exploit x_refsource_EXPLOIT-DB x_transferred
https://www.trustedsec.com/february-2014/python-remote-code-execution-socket-recvfrom_into/	x_refsource_MISC x_transferred
https://support.apple.com/kb/HT205031	x_refsource_CONFIRM x_transferred
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html	x_refsource_CONFIRM x_transferred
http://www.ubuntu.com/usn/USN-2125-1	vendor-advisory x_refsource_UBUNTU x_transferred
http://www.securitytracker.com/id/1029831	vdb-entry x_refsource_SECTRACK x_transferred