Acknowledged
Created: Mar 15, 2018
Updated: Aug 28, 2018
Found In Version: 7.0.0.28
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Userspace
Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.
https://nvd.nist.gov/vuln/detail/CVE-2018-1000117
