Python 2.5 vulnerabilities

2010-01-2100:00:00

ubuntu.com

8 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.077 Low

EPSS

Percentile

94.1%

JSON

Releases

Ubuntu 9.10
Ubuntu 9.04
Ubuntu 8.10
Ubuntu 8.04

Packages

python2.5 -

Details

USN-890-1 fixed vulnerabilities in Expat. This update provides the
corresponding updates for the PyExpat module in Python 2.5.

Original advisory details:

Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did
not properly process malformed XML. If a user or application linked against
Expat were tricked into opening a crafted XML file, an attacker could cause
a denial of service via application crash. (CVE-2009-2625, CVE-2009-3720)

It was discovered that Expat did not properly process malformed UTF-8
sequences. If a user or application linked against Expat were tricked into
opening a crafted XML file, an attacker could cause a denial of service via
application crash. (CVE-2009-3560)

OSVersionArchitecturePackageVersionFilename
Ubuntu9.10noarchpython2.5-minimal< 2.5.4-1ubuntu6.1UNKNOWN
Ubuntu9.10noarchpython2.5< 2.5.4-1ubuntu6.1UNKNOWN
Ubuntu9.10noarchpython2.5-dbg< 2.5.4-1ubuntu6.1UNKNOWN
Ubuntu9.10noarchpython2.5-dev< 2.5.4-1ubuntu6.1UNKNOWN
Ubuntu9.04noarchpython2.5-minimal< 2.5.4-1ubuntu4.1UNKNOWN
Ubuntu9.04noarchpython2.5< 2.5.4-1ubuntu4.1UNKNOWN
Ubuntu9.04noarchpython2.5-dbg< 2.5.4-1ubuntu4.1UNKNOWN
Ubuntu9.04noarchpython2.5-dev< 2.5.4-1ubuntu4.1UNKNOWN
Ubuntu8.10noarchpython2.5-minimal< 2.5.2-11.1ubuntu1.1UNKNOWN
Ubuntu8.10noarchpython2.5< 2.5.2-11.1ubuntu1.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	9.10	noarch	python2.5-minimal	< 2.5.4-1ubuntu6.1	UNKNOWN
Ubuntu	9.10	noarch	python2.5	< 2.5.4-1ubuntu6.1	UNKNOWN
Ubuntu	9.10	noarch	python2.5-dbg	< 2.5.4-1ubuntu6.1	UNKNOWN
Ubuntu	9.10	noarch	python2.5-dev	< 2.5.4-1ubuntu6.1	UNKNOWN
Ubuntu	9.04	noarch	python2.5-minimal	< 2.5.4-1ubuntu4.1	UNKNOWN
Ubuntu	9.04	noarch	python2.5	< 2.5.4-1ubuntu4.1	UNKNOWN
Ubuntu	9.04	noarch	python2.5-dbg	< 2.5.4-1ubuntu4.1	UNKNOWN
Ubuntu	9.04	noarch	python2.5-dev	< 2.5.4-1ubuntu4.1	UNKNOWN
Ubuntu	8.10	noarch	python2.5-minimal	< 2.5.2-11.1ubuntu1.1	UNKNOWN
Ubuntu	8.10	noarch	python2.5	< 2.5.2-11.1ubuntu1.1	UNKNOWN