CVE-2013-7459

Published: Feb 15, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugzilla.redhat.com/show_bug.cgi?id=1409754

x_refsource_CONFIRM

https://pony7.fr/ctf:public:32c3:cryptmsg

x_refsource_MISC

[oss-security] 20161227 Re: Buffer overflow in pycrypto

mailing-list

x_refsource_MLIST

FEDORA-2017-7c569d396b

vendor-advisory

x_refsource_FEDORA

https://github.com/dlitz/pycrypto/issues/176

x_refsource_CONFIRM

95122

vdb-entry

x_refsource_BID

FEDORA-2017-08207fe48b

vendor-advisory

x_refsource_FEDORA

GLSA-201702-14

vendor-advisory

x_refsource_GENTOO

https://github.com/dlitz/pycrypto/commit/8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-7459

Description

Affected Products

References