Description
Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.
Remediation
References
Related Vulnerabilities
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4593)
WordPress Plugin WP Meta and Date Remover Cross-Site Request Forgery (1.7.5)
WordPress Plugin Enable Media Replace Directory Traversal (3.6.3)
WordPress Plugin Gravity Forms FreshDesk Cross-Site Scripting (1.2.8)