CVE-2014-7185

Published: 08 October 2014

Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.

Priority

Low

Status

Package Release Status
python2.7
Launchpad, Ubuntu, Debian
Upstream
Released (2.7.8)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (2.7.6-8ubuntu0.2)
Patches:
Upstream: https://hg.python.org/cpython/rev/8d963c7db507/
python3.2
Launchpad, Ubuntu, Debian
Upstream Not vulnerable

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

python3.4
Launchpad, Ubuntu, Debian
Upstream Not vulnerable

Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(code not present)