CVE-2021-32559
Summary
| CVE | CVE-2021-32559 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2021-07-06 12:15:00 UTC |
|---|
| Updated | 2021-09-14 14:40:00 UTC |
|---|
| Description | An integer overflow exists in pywin32 prior to version b301 when adding an access control entry (ACE) to an access control list (ACL) that would cause the size to be greater than 65535 bytes. An attacker who successfully exploited this vulnerability could crash the vulnerable process. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| PyACL - Fixing integer overflows that occur when resizing ACLs by joshua-triplett-mandiant · Pull Request #1701 · mhammond/pywin32 · GitHub |
MISC |
github.com |
|
| Releases · mhammond/pywin32 · GitHub |
MISC |
github.com |
|
| Integer overflow in PyACL · Issue #1700 · mhammond/pywin32 · GitHub |
MISC |
github.com |
|
| Vulnerability-Disclosures/FEYE-2021-0017.md at master · fireeye/Vulnerability-Disclosures · GitHub |
MISC |
github.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 379545 Splunk Enterprise Third Party Package Updates for March 2024 (SVD-2024-0303)
- 981720 Python (pip) Security Update for pywin32 (GHSA-hwfp-hg2m-9vr2)
