Unrated severityNVD Advisory· Published Oct 8, 2014· Updated Jun 17, 2026
CVE-2014-7185
CVE-2014-7185
Description
Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
33cpe:2.3:a:python:python:*:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:python:python:*:*:*:*:*:*:*:*range: <=2.7.7
- cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*
- cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:2.7.4:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:2.7.5:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:2.7.6:*:*:*:*:*:*:*
- (no CPE)range: < 2.7.8
- osv-coords20 versionspkg:rpm/opensuse/python-base&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/python&distro=openSUSE%20Tumbleweedpkg:rpm/suse/python-base&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/python-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/python-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/python-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP1pkg:rpm/suse/python-base&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/python-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/python-base&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/python-base&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012pkg:rpm/suse/python&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/python&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/python&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/python&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015pkg:rpm/suse/python&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP1pkg:rpm/suse/python&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP1pkg:rpm/suse/python&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/python&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/python-doc&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/python-doc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
< 2.7.12-1.4+ 19 more
- (no CPE)range: < 2.7.12-1.4
- (no CPE)range: < 2.7.18-8.1
- (no CPE)range: < 2.7.9-14.1
- (no CPE)range: < 2.7.17-7.32.1
- (no CPE)range: < 2.7.17-7.32.1
- (no CPE)range: < 2.7.17-7.32.1
- (no CPE)range: < 2.7.9-14.1
- (no CPE)range: < 2.7.9-14.1
- (no CPE)range: < 2.7.9-14.1
- (no CPE)range: < 2.7.9-14.1
- (no CPE)range: < 2.7.9-14.1
- (no CPE)range: < 2.7.17-7.32.2
- (no CPE)range: < 2.7.17-7.32.2
- (no CPE)range: < 2.7.17-7.32.2
- (no CPE)range: < 2.7.17-7.32.2
- (no CPE)range: < 2.7.17-7.32.2
- (no CPE)range: < 2.7.9-14.1
- (no CPE)range: < 2.7.9-14.1
- (no CPE)range: < 2.7.9-14.3
- (no CPE)range: < 2.7.9-14.3
Patches
Vulnerability mechanics
References
15- bugs.python.org/issue21831nvdExploit
- www.openwall.com/lists/oss-security/2014/09/23/5nvdExploit
- bugzilla.redhat.com/show_bug.cginvdExploit
- support.apple.com/kb/HT205031nvdVendor Advisory
- lists.apple.com/archives/security-announce/2015/Aug/msg00001.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2014-October/139663.htmlnvd
- lists.opensuse.org/opensuse-updates/2014-10/msg00016.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-1064.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-1330.htmlnvd
- www.openwall.com/lists/oss-security/2014/09/25/47nvd
- www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.htmlnvd
- www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlnvd
- www.securityfocus.com/bid/70089nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/96193nvd
- security.gentoo.org/glsa/201503-10nvd
News mentions
0No linked articles in our index yet.