CVE-2014-4616

Published: Aug 24, 2017Modified: May 13, 2026

5.9

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.2 / Impact: 3.6

Source: NVD

Description

Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.

Affected (7)

Products: Python: Python · Simplejson Project: Simplejson · Opensuse: Opensuse · +1 more

Show all products

Python: Python · Simplejson Project: Simplejson · Opensuse: Opensuse · Opensuse Project: Opensuse

1 product

Simplejson Project

1 product

1 product

Opensuse Project

1 product

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Python Python	From 2.7.0 to 2.7.7
Python Python	From 3.0.0 to 3.2.6
Python Python	From 3.3.0 to 3.3.6
Python Python	From 3.4.0 to 3.4.1

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Simplejson Project Simplejson	Before 2.6.1

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Opensuse Opensuse	Version 13.1
Opensuse Project Opensuse	Version 12.3

Related CWEs

Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

References (18)

http://bugs.python.org/issue21529

Source: cve@mitre.org

Issue TrackingVendor Advisory

http://lists.opensuse.org/opensuse-updates/2014-07/msg00015.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://openwall.com/lists/oss-security/2014/06/24/7

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-1064.html

Source: cve@mitre.org

Third Party Advisory

http://www.securityfocus.com/bid/68119

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752395

Source: cve@mitre.org

Issue TrackingMailing ListThird Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1112285

Source: cve@mitre.org

Issue TrackingPatchThird Party Advisory

https://hackerone.com/reports/12297

Source: cve@mitre.org

ExploitPatchThird Party Advisory

https://security.gentoo.org/glsa/201503-10

Source: cve@mitre.org

PatchThird Party AdvisoryVDB Entry

http://bugs.python.org/issue21529

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingVendor Advisory

http://lists.opensuse.org/opensuse-updates/2014-07/msg00015.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://openwall.com/lists/oss-security/2014/06/24/7

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-1064.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.securityfocus.com/bid/68119

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752395

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingMailing ListThird Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1112285

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party Advisory

https://hackerone.com/reports/12297

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchThird Party Advisory

https://security.gentoo.org/glsa/201503-10

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party AdvisoryVDB Entry

Timeline

No history available yet.