CVE-2016-5636 — Integer Overflow or Wraparound in Python

CWE-190 — Integer Overflow or Wraparound CWE-20 — Improper Input Validation CWE-122 — Heap-based Buffer Overflow17 documents9 sources

Severity

9.8CRITICALNVD

OSV6.5

EPSS

38.6%

top 2.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Python2.7 Python Apple Macos Sierra 10.12.4 Security Update 2017-001 EL Capitan AND Security Update 201

Timeline

PublishedSep 2

Latest updateMay 25

Description

Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

▶debiandebian/python2.7< python2.7 2.7.12~rc1-1 (bullseye)

▶NVDpython/python2.7.11+29

▶Appleapple/macos_sierra_10.12.4_security_update_2017-001_el_capitan_and_security_update_201

Patches

Patch: bugs.python.org ↗Patch: bugs.python.org ↗

🔴Vulnerability Details

GHSA

GHSA-f5qq-9gj3-v9hw: Integer overflow in the get_data function in zipimport↗2022-05-14

▶

OSV

python2.7, python3.2, python3.4, python3.5 vulnerabilities↗2016-11-22

▶

OSV

CVE-2016-5636: Integer overflow in the get_data function in zipimport↗2016-09-02

▶

📋Vendor Advisories

Apple

CVE-2016-5636: macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite↗2017-03-27

▶

Ubuntu

Python vulnerabilities↗2016-11-22

▶

Red Hat

python: Heap overflow in zipimporter module↗2016-01-21

▶

Debian

CVE-2016-5636: python2.7 - Integer overflow in the get_data function in zipimport.c in CPython (aka Python)...↗2016

▶

📄Research Papers

arXiv

Path-wise Vulnerability Mitigation↗2024-05-25

▶

arXiv

An Empirical Analysis of Vulnerabilities in Python Packages for Web Applications↗2018-11-16

▶

💬Community

Bugzilla

CVE-2016-5636 python34: python: Heap overflow in zipimporter module [epel-7]↗2016-07-14

▶

Bugzilla

CVE-2016-5636 python: Heap overflow in zipimporter module↗2016-06-13

▶

Bugzilla

CVE-2016-5636 jython: python: Heap overflow in zipimporter module [fedora-all]↗2016-06-13

▶

Bugzilla

CVE-2016-5636 jython: python: Heap overflow in zipimporter module [epel-5]↗2016-06-13

▶

Bugzilla

CVE-2016-5636 python26: python: Heap overflow in zipimporter module [epel-5]↗2016-06-13

▶