Description

CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)

Remediation

References

CVE-2017-1000158

Related Vulnerabilities

Internet Information Services Other Vulnerability (CVE-2002-1695)

WordPress Plugin User Activity Log Multiple Cross-Site Scripting Vulnerabilities (1.4.6)

WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk SQL Injection (5.148)

WordPress Plugin MyBookTable Bookstore by Author Media Unspecified Vulnerability (2.1.4)

WordPress Plugin Comments-wpDiscuz Cross-Site Request Forgery (3.2.8)

Severity

Critical

Classification

CVE-2017-1000158 CWE-190 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities