Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the functions:
ZipExtFile.read()
ZipExtFile.readlines()
ZipFile.extract()
ZipFile.extractall()
Reading malformed zipfiles no longer hangs with 100% CPU consumption.
Python 2.7 is not affected.
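Added example, not code from the advisory, from bpo-20078 or from CPython's zipfile module: a pre-extraction check that reads only central-directory metadata and flags entries whose declared compressed size cannot fit inside the archive, the malformed-size condition this issue describes. The function names, the field offset constant and the in-memory sample archive are constructed for this example.

```python
import io
import struct
import zipfile

# Central-directory file header (PKZIP APPNOTE 4.3.12): the compressed-size
# field is a 4-byte little-endian value 20 bytes after the b"PK\x01\x02"
# signature.  Only this metadata is inspected; nothing is decompressed.
CD_SIGNATURE = b"PK\x01\x02"
CD_COMPRESS_SIZE_OFFSET = 20

def find_oversized_entries(data: bytes) -> list:
    """Return (name, reason) pairs for entries whose declared compressed
    size cannot fit inside the bytes the archive actually contains."""
    archive_len = len(data)
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.compress_size > archive_len:
                findings.append((info.filename, "compress_size %d exceeds archive length %d"
                                 % (info.compress_size, archive_len)))
            elif info.header_offset + info.compress_size > archive_len:
                findings.append((info.filename, "entry data would run past end of archive"))
    return findings

def build_sample_zip() -> bytes:
    """Constructed sample: a small well-formed archive with a single entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("hello.txt", "hello " * 100)
    return buf.getvalue()

def corrupt_compress_size(data: bytes, declared: int) -> bytes:
    """Constructed sample: rewrite the compressed-size field of the last
    central-directory entry to `declared`, leaving the entry data untouched.
    Avoid 0xFFFFFFFF, which would instead signal a ZIP64 record."""
    pos = data.rfind(CD_SIGNATURE)
    assert pos != -1, "no central directory header found"
    field = pos + CD_COMPRESS_SIZE_OFFSET
    return data[:field] + struct.pack("<I", declared) + data[field + 4:]

if __name__ == "__main__":
    good = build_sample_zip()
    bad = corrupt_compress_size(good, 0x10000000)  # 256 MiB declared, ~100 bytes present
    print("well-formed:", find_oversized_entries(good))
    print("malformed:  ", find_oversized_entries(bad))
```

Such a check can gate extraction of untrusted archives on an interpreter that has not yet received the 3.3.4 fix; it is a screen, not a replacement for upgrading.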
Dates:
Disclosure date: 2013-12-27 (Python issue bpo-20078 reported)
Python 3.3.4 (2014-02-09) fixed by commit 5ce3f10 (branch 3.3) (2014-01-09)
Python 3.4.0 (2014-03-16) fixed by commit 5ce3f10 (branch 3.3) (2014-01-09)
zipfile - ZipExtFile.read goes into 100% CPU infinite loop on maliciously binary edited zips.
Python issue: bpo-20078
Creation date: 2013-12-27
Reporter: Nandiya
Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.
CVE ID: CVE-2013-7338
Published: 2014-04-22
CVSS Score: 7.1
Timeline using the disclosure date 2013-12-27 as reference:
2013-12-27: Python issue bpo-20078 reported by Nandiya
2014-01-09 (+13 days): commit 5ce3f10 (branch 3.3)
2014-02-09 (+44 days): Python 3.3.4 released
2014-03-16 (+79 days): Python 3.4.0 released
2014-04-22 (+116 days): CVE-2013-7338 published