CVE-2008-3143

2008-08-0100:00:00

ubuntu.com

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.6%

JSON

Multiple integer overflows in Python before 2.5.2 might allow
context-dependent attackers to have an unknown impact via vectors related
to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5)
audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9)
cjkcodecs/multibytecodec.c, (10) datetimemodule.c, (11) md5.c, (12)
rgbimgmodule.c, and (13) stropmodule.c in Modules/; (14) bufferobject.c,
(15) listobject.c, and (16) obmalloc.c in Objects/; (17) Parser/node.c; and
(18) asdl.c, (19) ast.c, (20) bltinmodule.c, and (21) compile.c in Python/,
as addressed by “checks for integer overflows, contributed by Google.”

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchpython2.4< 2.4.3-0ubuntu6.2UNKNOWN
ubuntu7.04noarchpython2.4< 2.4.4-2ubuntu7.2UNKNOWN
ubuntu7.10noarchpython2.4< 2.4.4-6ubuntu4.2UNKNOWN
ubuntu7.04noarchpython2.5< 2.5.1-0ubuntu1.2UNKNOWN
ubuntu7.10noarchpython2.5< 2.5.1-5ubuntu5.2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	6.06	noarch	python2.4	< 2.4.3-0ubuntu6.2	UNKNOWN
ubuntu	7.04	noarch	python2.4	< 2.4.4-2ubuntu7.2	UNKNOWN
ubuntu	7.10	noarch	python2.4	< 2.4.4-6ubuntu4.2	UNKNOWN
ubuntu	7.04	noarch	python2.5	< 2.5.1-0ubuntu1.2	UNKNOWN
ubuntu	7.10	noarch	python2.5	< 2.5.1-5ubuntu5.2	UNKNOWN