PYSEC-2021-112

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/pywin32/PYSEC-2021-112.yaml

JSON Data

https://api.test.osv.dev/v1/vulns/PYSEC-2021-112

Aliases

CVE-2021-32559
GHSA-hwfp-hg2m-9vr2

Published

2021-07-06T12:15:00Z

Modified

2023-11-01T04:55:24.590675Z

Summary

[none]

Details

An integer overflow exists in pywin32 prior to version b301 when adding an access control entry (ACE) to an access control list (ACL) that would cause the size to be greater than 65535 bytes. An attacker who successfully exploited this vulnerability could crash the vulnerable process.

References

https://github.com/mhammond/pywin32/releases
https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2021-0017/FEYE-2021-0017.md
https://github.com/advisories/GHSA-hwfp-hg2m-9vr2

Affected packages

PyPI / pywin32

Package

Name: pywin32; View open source insights on deps.dev
Purl: pkg:pypi/pywin32

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

301

Affected versions

Other

210

214

222

223

224

225

226

227

228

300