Lucene search

K
ubuntucveUbuntu.comUB:CVE-2010-1634
HistoryMay 27, 2010 - 12:00 a.m.

CVE-2010-1634

2010-05-2700:00:00
ubuntu.com
ubuntu.com
12

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.007 Low

EPSS

Percentile

79.2%

Multiple integer overflows in audioop.c in the audioop module in Python
2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial
of service (application crash) via a large fragment, as demonstrated by a
call to audioop.lin2lin with a long string in the first argument, leading
to a buffer overflow. NOTE: this vulnerability exists because of an
incorrect fix for CVE-2008-3143.5.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchpython2.4< 2.4.5-1ubuntu4.4UNKNOWN
ubuntu8.04noarchpython2.5< 2.5.2-2ubuntu6.2UNKNOWN
ubuntu10.04noarchpython2.6< 2.6.5-1ubuntu6.1UNKNOWN
ubuntu10.04noarchpython3.1< 3.1.2-0ubuntu3.2UNKNOWN

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.007 Low

EPSS

Percentile

79.2%