Lucene search

K
freebsdFreeBSDEC41C3E2-129C-11DD-BAB7-0016179B2DD5
HistoryApr 10, 2008 - 12:00 a.m.

python -- Integer Signedness Error in zlib Module

2008-04-1000:00:00
vuxml.freebsd.org
9

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.101 Low

EPSS

Percentile

94.8%

Justin Ferguson reports:

Integer signedness error in the zlib extension module in Python
2.5.2 and earlier allows remote attackers to execute arbitrary code
via a negative signed integer, which triggers insufficient memory
allocation and a buffer overflow.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchpython23< 2.3.6_1UNKNOWN
FreeBSDanynoarchpython24< 2.4.5_1UNKNOWN
FreeBSDanynoarchpython25< 2.5.2_2UNKNOWN

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.101 Low

EPSS

Percentile

94.8%