Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-03-07T14:00:00Z

Updated: 2024-09-17T01:37:10.621Z

Reserved: 2018-03-07T00:00:00Z

Link: CVE-2018-1000117

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-03-07T14:29:00.280

Modified: 2024-11-21T03:39:40.980

Link: CVE-2018-1000117

cve-icon Redhat

No data.