Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2010-2089
HistoryMay 27, 2010 - 7:30 p.m.

CVE-2010-2089

2010-05-2719:30:01
Debian Security Bug Tracker
security-tracker.debian.org
10

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.023 Low

EPSS

Percentile

89.8%

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.

OSVersionArchitecturePackageVersionFilename
Debian11allpython2.7< 2.7-1python2.7_2.7-1_all.deb
Debian10allpython2.7< 2.7-1python2.7_2.7-1_all.deb

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.023 Low

EPSS

Percentile

89.8%