// For flags

CVE-2014-4616

python: missing boundary check in JSON module

Severity Score

5.9
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.

Un error de índice de matriz en la función scanstring en el módulo the _json en Python 2.7 en su versión 3.5 y simplejson en su versión 2.6.1 permite que atacantes dependientes del contexto lean archivos arbitrarios de la memoria de proceso mediante un valor de índice negativo en el argumento idx en la función raw_decode function.

A flaw was found in the way the json module handled negative index argument passed to certain functions (such as raw_decode()). An attacker able to control index value passed to one of the affected functions could possibly use this flaw to disclose portions of the application memory.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
High
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2014-06-24 CVE Reserved
  • 2014-07-11 CVE Published
  • 2023-11-28 EPSS Updated
  • 2024-08-06 CVE Updated
  • 2024-08-06 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
  • CWE-129: Improper Validation of Array Index
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Python
Search vendor "Python"
Python
Search vendor "Python" for product "Python"
>= 2.7.0 < 2.7.7
Search vendor "Python" for product "Python" and version " >= 2.7.0 < 2.7.7"
-
Affected
Python
Search vendor "Python"
Python
Search vendor "Python" for product "Python"
>= 3.0.0 < 3.2.6
Search vendor "Python" for product "Python" and version " >= 3.0.0 < 3.2.6"
-
Affected
Python
Search vendor "Python"
Python
Search vendor "Python" for product "Python"
>= 3.3.0 < 3.3.6
Search vendor "Python" for product "Python" and version " >= 3.3.0 < 3.3.6"
-
Affected
Python
Search vendor "Python"
Python
Search vendor "Python" for product "Python"
>= 3.4.0 < 3.4.1
Search vendor "Python" for product "Python" and version " >= 3.4.0 < 3.4.1"
-
Affected
Simplejson Project
Search vendor "Simplejson Project"
Simplejson
Search vendor "Simplejson Project" for product "Simplejson"
< 2.6.1
Search vendor "Simplejson Project" for product "Simplejson" and version " < 2.6.1"
python
Affected
Opensuse
Search vendor "Opensuse"
Opensuse
Search vendor "Opensuse" for product "Opensuse"
13.1
Search vendor "Opensuse" for product "Opensuse" and version "13.1"
-
Affected
Opensuse Project
Search vendor "Opensuse Project"
Opensuse
Search vendor "Opensuse Project" for product "Opensuse"
12.3
Search vendor "Opensuse Project" for product "Opensuse" and version "12.3"
-
Affected