Home

CVE-2014-7185

Description

Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a buffer function.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.976

Associated Vulnerability

VulnerabilityOS Platform
Vulnerability CVE-2014-7185 are affected in Python 2.7.2150Windows
Multiple vulnerabilities are fixed in OS X Yosemite 10.10.5 UpdateMac
Multiple vulnerabilities are fixed in OS X Yosemite 10.10.5 Combo UpdateMac
Multiple Vulnerabilities are affected in Python for MAC 2.7.1Mac
Multiple Vulnerabilities are affected in Python for MAC 2.7.1150Mac
Multiple Vulnerabilities are affected in Python for MAC 2.7.2Mac
Multiple Vulnerabilities are affected in Python for MAC 2.7.2150Mac
Multiple Vulnerabilities are affected in Python for MAC 2.7.3Mac
Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-7185,CVE-2014-9365 are affected in Python for MAC 2.7.4Mac
Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-7185,CVE-2014-9365 are affected in Python for MAC 2.7.5Mac
Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-7185,CVE-2014-9365 are affected in Python for MAC 2.7.6Mac
Vulnerabilities CVE-2014-7185 are affected in Python for MAC 2.7.7-rc1Mac
Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-7185,CVE-2014-9365 are affected in Python for MAC 2.7.4Mac
Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-7185,CVE-2014-9365 are affected in Python for MAC 2.7.5Mac
Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-7185,CVE-2014-9365 are affected in Python for MAC 2.7.6Mac
Vulnerabilities CVE-2014-7185 are affected in Python for MAC 2.7.7-rc1Mac
An interactive high-level object-oriented language (USN-2653-1) python3.4_3.4.0-2ubuntu1.1_i386.debLinux
An interactive high-level object-oriented language (USN-2653-1) python3.4_3.4.0-2ubuntu1.1_amd64.debLinux
An interactive high-level object-oriented language (USN-2653-1) python3.4-minimal_3.4.0-2ubuntu1.1_i386.debLinux
An interactive high-level object-oriented language (USN-2653-1) python3.4-minimal_3.4.0-2ubuntu1.1_amd64.debLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Desktop 12 ) libpython2_7-1_0-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Desktop 12 ) libpython2_7-1_0-32bit-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Desktop 12 ) libpython2_7-1_0-debuginfo-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Desktop 12 ) libpython2_7-1_0-debuginfo-32bit-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Desktop 12 ) python-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Server 12 ) python-32bit-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Desktop 12 ) python-base-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Server 12 ) python-base-32bit-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Desktop 12 ) python-base-debuginfo-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Desktop 12 ) python-base-debuginfo-32bit-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Desktop 12 ) python-base-debugsource-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Desktop 12 ) python-curses-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Desktop 12 ) python-curses-debuginfo-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Desktop 12 ) python-debuginfo-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Server 12 ) python-debuginfo-32bit-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Desktop 12 ) python-debugsource-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Server 12 ) python-demo-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Desktop 12 ) python-devel-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Server 12 ) python-doc-2.7.9-14.3.noarch.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Server 12 ) python-doc-pdf-2.7.9-14.3.noarch.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Server 12 ) python-gdbm-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Server 12 ) python-gdbm-debuginfo-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Server 12 ) python-idle-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Desktop 12 ) python-tk-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Desktop 12 ) python-tk-debuginfo-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Desktop 12 ) python-xml-2.7.9-14.1.x86_64.rpmLinux
SUSE-SU-2015:1344-1(SUSE Linux Enterprise Desktop 12 ) python-xml-debuginfo-2.7.9-14.1.x86_64.rpmLinux
CVE-2014-7185NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-600354OS X Yosemite 10.10.5 Update
PATCH-600458OS X Yosemite 10.10.5 Combo Update
PATCH-611773Python for MAC 3.13.7
PATCH-611773Python for MAC 3.13.7
PATCH-611773Python for MAC 3.13.7
PATCH-611773Python for MAC 3.13.7
PATCH-611773Python for MAC 3.13.7
PATCH-611773Python for MAC 3.13.7
PATCH-611773Python for MAC 3.13.7
PATCH-611773Python for MAC 3.13.7
PATCH-611773Python for MAC 3.13.7
PATCH-611773Python for MAC 3.13.7
PATCH-611773Python for MAC 3.13.7
PATCH-611773Python for MAC 3.13.7
PATCH-611773Python for MAC 3.13.7

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234