10 matches found
SUSE CVE-2013-7338
Python before 3.3.4 RC1 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a file size value larger than the size of the zip file to the 1 ZipExtFile.read, 2 ZipExtFile.readn, 3 ZipExtFile.readlines, 4 ZipFile.extract, or 5 ZipFile.extractall function...
Mageia: Security Advisory (MGASA-2014-0140)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-201503-10 : Python: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201503-10 Python: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Python. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker may be able to execute...
Fedora 19 : python3-3.3.2-11.fc19 (2014-16479)
Fixes CVEs 2013-7338 and 2014-2667. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...
Fedora 20 : python3-3.3.2-19.fc20 (2014-16393)
Fixes CVEs 2013-7338 and 2014-2667. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...
Fedora Update for python3 FEDORA-2014-16393
Check the version of python3 SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868568";...
openSUSE Security Update : python3 (openSUSE-SU-2014:0498-1)
Python was updated to 3.3.5 fixing bugs and security issues : - bugfix-only release, closes several security bugs - CVE-2013-1752 bnc856836 - DoS flaws with unbounded reads from network - disable SSLv2 by default - DoS on maliciously crafted zip files CVE-2013-7338, bnc869222 -...
openSUSE Security Update : python3 (openSUSE-SU-2014:0597-1)
This python update fixes the following security and non-security issues : - bnc869222: Fixed DoS when opening malicious archives CVE-2013-7338. - bnc863741: Fixed buffer overflow in socket.recvfrominto CVE-2014-1912. - bnc871152: Fixed race condition with umask when creating directories with...
CVE-2013-7338
CVE-2013-7338 affects Python 3.3.x before 3.3.4 RC1. The vulnerability lies in the Zip handling APIs (ZipExtFile.read/readlines, ZipFile.extract/extractall, etc.), where a file size value larger than the actual zip can trigger an infinite loop and CPU denial of service. Impact is DoS; no exploita...
Updated python3 package fixes security vulnerabilities
ZipExtFile.read goes into 100% CPU infinite loop on maliciously binary edited zips CVE-2013-7338...