CVE-2018-1000117 in python3.5.5 LibreOffice 6.1.0

asked 2019-01-17 11:29:39 +0200

sukriti gravatar image

While scanning through blackduck, a vulnerability has been identified CVE-2018-1000117

Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.

How can we upgrade to python 3.7.0?

edit retag flag offensive close merge delete