Lucene search

[email protected]CVE-2006-4980

HistoryOct 10, 2006 - 4:06 a.m.

CVE-2006-4980

2006-10-1004:06:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-4980

buffer overflow

python 2.3

python 2.6

denial of service

arbitrary code

nvd

7.4 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

85.1%

JSON

Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts.

CPENameOperatorVersion
python:pythonpythonlt2.4.4
python:pythonpythonlt2.3.6

CPE	Name	Operator	Version
python:python	python	lt	2.4.4
python:python	python	lt	2.3.6

References

ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc

bugs.debian.org/cgi-bin/bugreport.cgi?bug=391589

bugzilla.redhat.com/bugzilla/show_bug.cgi?id=208162

kb.vmware.com/KanisaPlatform/Publishing/882/5120103_f.SAL_Public.html

secunia.com/advisories/22276

secunia.com/advisories/22297

secunia.com/advisories/22303

secunia.com/advisories/22357

secunia.com/advisories/22358

secunia.com/advisories/22379

secunia.com/advisories/22448

secunia.com/advisories/22487

secunia.com/advisories/22512

secunia.com/advisories/22531

secunia.com/advisories/22639

secunia.com/advisories/23680

secunia.com/advisories/31492

security.gentoo.org/glsa/glsa-200610-07.xml

securitytracker.com/id?1017019

sourceforge.net/tracker/index.php?func=detail&aid=1541585&group_id=5470&atid=305470

support.avaya.com/elmodocs2/security/ASA-2006-229.htm

www.debian.org/security/2006/dsa-1197

www.debian.org/security/2006/dsa-1198

www.mandriva.com/security/advisories?name=MDKSA-2006:181

www.novell.com/linux/security/advisories/2006_25_sr.html

www.redhat.com/support/errata/RHSA-2006-0713.html

www.redhat.com/support/errata/RHSA-2008-0629.html

www.securityfocus.com/archive/1/448244/100/100/threaded

www.securityfocus.com/archive/1/456546/100/200/threaded

www.securityfocus.com/bid/20376

www.ubuntu.com/usn/usn-359-1

www.vmware.com/support/vi3/doc/esx-3069097-patch.html

www.vmware.com/support/vi3/doc/esx-9986131-patch.html

www.vupen.com/english/advisories/2006/3940

www.vupen.com/english/advisories/2006/5131

zoehep.xent.com/~bsittler/python2.4-2.4.3_unicodeobject.c.diff

exchange.xforce.ibmcloud.com/vulnerabilities/29408

issues.rpath.com/browse/RPL-702

launchpad.net/distros/ubuntu/+source/python2.4/+bug/56633

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10789

7.4 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

85.1%

JSON

Related for CVE-2006-4980

openvas11 nessus15 osv2 ubuntu1 ubuntucve1 f52 debian2 oraclelinux1 redhat4 securityvulns1 gentoo1 centos1 freebsd1 cvelist1