4.3 Medium
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.4%
Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031.
CPE | Name | Operator | Version |
---|---|---|---|
python:python | python | le | 2.5.2 |
bugs.gentoo.org/attachment.cgi?id=159418&action=view
bugs.gentoo.org/show_bug.cgi?id=230640
lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
secunia.com/advisories/31305
secunia.com/advisories/31332
secunia.com/advisories/31358
secunia.com/advisories/31365
secunia.com/advisories/31518
secunia.com/advisories/31687
secunia.com/advisories/32793
secunia.com/advisories/33937
secunia.com/advisories/37471
secunia.com/advisories/38675
security.gentoo.org/glsa/glsa-200807-16.xml
slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.525289
support.apple.com/kb/HT3438
support.avaya.com/css/P8/documents/100074697
www.debian.org/security/2008/dsa-1667
www.mandriva.com/security/advisories?name=MDVSA-2008:163
www.mandriva.com/security/advisories?name=MDVSA-2008:164
www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5032900
www.openwall.com/lists/oss-security/2008/11/05/2
www.openwall.com/lists/oss-security/2008/11/05/3
www.securityfocus.com/archive/1/507985/100/0/threaded
www.securityfocus.com/bid/30491
www.ubuntu.com/usn/usn-632-1
www.vmware.com/security/advisories/VMSA-2009-0016.html
www.vupen.com/english/advisories/2008/2288
www.vupen.com/english/advisories/2009/3316
exchange.xforce.ibmcloud.com/vulnerabilities/44172
exchange.xforce.ibmcloud.com/vulnerabilities/44173
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8445
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8683
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9761