CVE-2014-4616

MEDIUM

Description

Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.

References

http://bugs.python.org/issue21529

http://lists.opensuse.org/opensuse-updates/2014-07/msg00015.html

http://openwall.com/lists/oss-security/2014/06/24/7

http://rhn.redhat.com/errata/RHSA-2015-1064.html

http://www.securityfocus.com/bid/68119

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752395

https://bugzilla.redhat.com/show_bug.cgi?id=1112285

https://hackerone.com/reports/12297

https://security.gentoo.org/glsa/201503-10

Details

Source: MITRE

Published: 2017-08-24

Updated: 2018-10-30

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 2.2

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:python:python:2.7.0:*:*:*:*:*:*:*

cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*

cpe:2.3:a:python:python:2.7.2:*:*:*:*:*:*:*

cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*

cpe:2.3:a:python:python:2.7.4:*:*:*:*:*:*:*

cpe:2.3:a:python:python:2.7.5:*:*:*:*:*:*:*

cpe:2.3:a:python:python:2.7.6:*:*:*:*:*:*:*

cpe:2.3:a:python:python:2.7.7:*:*:*:*:*:*:*

cpe:2.3:a:python:python:2.7.8:*:*:*:*:*:*:*

cpe:2.3:a:python:python:2.7.9:*:*:*:*:*:*:*

cpe:2.3:a:python:python:2.7.10:*:*:*:*:*:*:*

cpe:2.3:a:python:python:2.7.11:*:*:*:*:*:*:*

cpe:2.3:a:python:python:2.7.12:*:*:*:*:*:*:*

cpe:2.3:a:python:python:2.7.13:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.0.0:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.1.0:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.3.3:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.3.4:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.3.5:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.3.6:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.4.0:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.4.1:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.4.2:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.4.3:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.4.4:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.4.5:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.4.6:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.4.7:*:*:*:*:*:*:*

cpe:2.3:a:python:python:3.5.0:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:simplejson_project:simplejson:*:*:*:*:*:python:*:*

Configuration 3

OR

cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse_project:opensuse:12.3:*:*:*:*:*:*:*

Tenable Plugins

View all (19 total)

IDNameProductFamilySeverity
124937EulerOS Virtualization 3.0.1.0 : python (EulerOS-SA-2019-1434)NessusHuawei Local Security Checks
critical
87570Scientific Linux Security Update : python on SL7.x x86_64 (20151119)NessusScientific Linux Local Security Checks
high
87129CentOS 7 : python (CESA-2015:2101)NessusCentOS Local Security Checks
high
87020Oracle Linux 7 : python (ELSA-2015-2101)NessusOracle Linux Local Security Checks
high
86968RHEL 7 : python (RHSA-2015:2101)NessusRed Hat Local Security Checks
high
84428Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : python2.7, python3.2, python3.4 vulnerabilities (USN-2653-1)NessusUbuntu Local Security Checks
high
82329Mandriva Linux Security Advisory : python3 (MDVSA-2015:076)NessusMandriva Local Security Checks
high
82328Mandriva Linux Security Advisory : python (MDVSA-2015:075)NessusMandriva Local Security Checks
high
82009GLSA-201503-10 : Python: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
79238Fedora 19 : python3-3.3.2-10.fc19 (2014-14257)NessusFedora Local Security Checks
medium
79095Fedora 21 : python3-3.4.1-16.fc21 (2014-14208)NessusFedora Local Security Checks
medium
79076Fedora 20 : python3-3.3.2-18.fc20 (2014-14245)NessusFedora Local Security Checks
medium
78323Amazon Linux AMI : python27 (ALAS-2014-380)NessusAmazon Linux Local Security Checks
medium
78317Amazon Linux AMI : python-simplejson (ALAS-2014-374)NessusAmazon Linux Local Security Checks
medium
76540Fedora 19 : python3-3.3.2-9.fc19 (2014-8035)NessusFedora Local Security Checks
medium
76539Fedora 19 : python-2.7.5-13.fc19 (2014-7772)NessusFedora Local Security Checks
medium
76488openSUSE Security Update : python / python3 (openSUSE-SU-2014:0890-1)NessusSuSE Local Security Checks
medium
76471Mandriva Linux Security Advisory : python (MDVSA-2014:135)NessusMandriva Local Security Checks
low
76328Fedora 20 : python-2.7.5-13.fc20 (2014-7800)NessusFedora Local Security Checks
medium