CVE-2013-7338
Published Apr 22, 2014
Last updated 5 years ago
Overview
- Description
- Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.1
- Impact score
- 6.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- CWE-20
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:python:python:3.3.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A8F5D6EE-7E52-4E82-AFA3-056E2CCA6A95"
},
{
"criteria": "cpe:2.3:a:python:python:3.3.0:alpha1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F699D1AE-6297-4F3E-B276-7DC246CAACA7"
},
{
"criteria": "cpe:2.3:a:python:python:3.3.0:alpha2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19C43276-7B2C-4E74-BB71-671934F5BB64"
},
{
"criteria": "cpe:2.3:a:python:python:3.3.0:alpha3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "873A7118-EEFD-49CC-B778-6E91942C6FC2"
},
{
"criteria": "cpe:2.3:a:python:python:3.3.0:alpha4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F96A8F58-C28D-4EB2-A3D5-276D17E8E0DE"
},
{
"criteria": "cpe:2.3:a:python:python:3.3.0:beta1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2ACF1669-4D46-4D44-972C-A2D5E5D51069"
},
{
"criteria": "cpe:2.3:a:python:python:3.3.0:beta2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B7FF3E0E-3D41-47D0-AE18-ADB2EC2942BE"
},
{
"criteria": "cpe:2.3:a:python:python:3.3.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F358C4D2-7A49-4092-BB17-9423E5381F44"
},
{
"criteria": "cpe:2.3:a:python:python:3.3.0:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D17DA663-B755-4D41-A151-347036187E92"
},
{
"criteria": "cpe:2.3:a:python:python:3.3.0:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A837C0BC-C3C8-47B8-8BEA-8F01F4B1A35B"
},
{
"criteria": "cpe:2.3:a:python:python:3.3.1:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3FC85C4C-B721-4BD9-BFFD-DCEC32A77FB9"
},
{
"criteria": "cpe:2.3:a:python:python:3.3.1:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D553F40-92C2-4537-AF74-5F9307E20AE4"
},
{
"criteria": "cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "121225D0-C5DA-4F26-93B8-3D56BC1D38B1"
},
{
"criteria": "cpe:2.3:a:python:python:3.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "52DD66F7-FE7B-4C1C-B07B-F9E4CEEA7AFD"
},
{
"criteria": "cpe:2.3:a:python:python:3.3.3:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D540913-0EEF-413B-8AFD-82E858844FD6"
},
{
"criteria": "cpe:2.3:a:python:python:3.3.3:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BFD75566-C783-4B16-9FF1-4AC2670310F2"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7883E465-932D-4C11-AA54-97E44181F906",
"versionEndIncluding": "10.10.4"
}
],
"operator": "OR"
}
]
}
]