CVE-2014-1912
EPSS 34.0%
Description
Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.
How to fix CVE-2014-1912
To remediate CVE-2014-1912, upgrade the affected package to a fixed version below.
- Debian/python2.7—upgrade to 2.7.6-6 or later
Is CVE-2014-1912 being exploited?
Moderate — EPSS is 34.0%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 2.7.6-6