CVE-2013-7338 in Pythoninfo

Summary

Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.

Reservation

03/18/2014

Disclosure

04/22/2014

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
12088	Python zipfile.py ZipExtFile._read2 input validation	20	Proof-of-Concept	Official fix	CVE-2013-7338

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Want to know what is going to be exploited?

We predict KEV entries!