7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Benjamin C. Wiley Sittler discovered that the repr() of the Python
interpreter allocates insufficient memory when parsing UCS-4 Unicode
strings, which might lead to execution of arbitrary code through
a buffer overflow.
For the stable distribution (sarge) this problem has been fixed in
version 2.3.5-3sarge2. Due to build problems this update lacks fixed
packages for the Alpha and Sparc architectures. Once they are sorted
out, fixed binaries will be released.
For the unstable distribution (sid) this problem has been fixed in
version 2.3.5-16.
We recommend that you upgrade your Python 2.3 packages.
CPE | Name | Operator | Version |
---|---|---|---|
python2.3 | eq | 2.3.5-3 | |
python2.3 | eq | 2.3.5-3sarge1 |