An integer overflow flaw was found in the way the buffer() function handled its offset and size arguments. An attacker able to control those arguments could use this flaw to disclose portions of the application memory or cause it to crash.
Platform | Package | Release Date | Advisory |
---|---|---|---|
Amazon Linux 1 | python26 | 2015-12-14 10:00 | ALAS-2015-621 |
Amazon Linux 1 | python27 | 2014-11-05 12:15 | ALAS-2014-440 |
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv2 | 4.0 | AV:N/AC:H/Au:N/C:P/I:N/A:P |
NVD | CVSSv2 | 6.4 | AV:N/AC:L/Au:N/C:P/I:N/A:P |