Home CVE Database CVE-2018-1000117

CVE-2018-1000117

Description

Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.

Priority: HIGH
CVSS v3: 6.7
Publish Date: Mar 7, 2018
Related ID: --
CVSS v2: MEDIUM
Modified Date: Mar 7, 2018

Find out more about CVE-2018-1000117 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

python

Live chat
Online