Benjamin C. Wiley Sittler discovered that Python’s repr() function did
not properly handle UTF-32/UCS-4 strings. If an application uses
repr() on arbitrary untrusted data, this could be exploited to execute
arbitrary code with the privileges of the python application.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 6.06 | noarch | python2.4-minimal | < 2.4.3-0ubuntu6 | UNKNOWN |
Ubuntu | 6.06 | noarch | python2.3-dbg | < 2.3.5-9ubuntu1.2 | UNKNOWN |
Ubuntu | 5.10 | noarch | python2.3 | < 2.3.5-8ubuntu0.2 | UNKNOWN |
Ubuntu | 5.10 | noarch | python2.4-minimal | < 2.4.2-1ubuntu0.2 | UNKNOWN |
Ubuntu | 5.04 | noarch | python2.3 | < 2.3.5-2ubuntu0.3 | UNKNOWN |
Ubuntu | 5.04 | noarch | python2.4-minimal | < 2.4.1-0ubuntu0.2 | UNKNOWN |