Description
Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow.
Remediation
References
Related Vulnerabilities
WordPress 5.4.x Prototype Pollution (5.4 - 5.4.9)
WordPress Plugin Lara's Google Analytics Cross-Site Scripting (2.0.4)
WordPress Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2003-1599)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3126)
Vanilla Forums Deserialization of Untrusted Data Vulnerability (CVE-2018-19499)