Integer overflow in pywin32
Moderate severity
GitHub Reviewed
Published
Aug 9, 2021
to the GitHub Advisory Database
•
Updated Aug 31, 2023
Description
Published by the National Vulnerability Database
Jul 6, 2021
Reviewed
Jul 7, 2021
Published to the GitHub Advisory Database
Aug 9, 2021
Last updated
Aug 31, 2023
An integer overflow exists in pywin32 prior to version b301 when adding an access control entry (ACE) to an access control list (ACL) that would cause the size to be greater than 65535 bytes. An attacker who successfully exploited this vulnerability could crash the vulnerable process.
References