10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
Python is vulnerable to Denial Of Service (DoS). Multiple buffer and integer overflow flaws were found in the Python Unicode string processing and in the Python Unicode and string object implementations. An attacker could use these flaws to cause a denial of service (Python application crash).
CPE | Name | Operator | Version |
---|---|---|---|
python | eq | 2.3.4__14.4.el4_6.1 | |
python | eq | 2.4.3__21.el5 | |
python | eq | 2.4.3__19.el5 | |
python | eq | 2.3.4__14.4.el4_6.1 | |
python | eq | 2.4.3__21.el5 | |
python | eq | 2.4.3__19.el5 |
lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
scary.beasts.org/security/CESA-2008-008.html
secunia.com/advisories/33937
secunia.com/advisories/35750
secunia.com/advisories/37471
security.gentoo.org/glsa/glsa-200907-16.xml
support.apple.com/kb/HT3438
svn.python.org/view/python/trunk/Objects/stringobject.c?rev=61350&view=diff&r1=61350&r2=61349&p1=python/trunk/Objects/stringobject.c&p2=/python/trunk/Objects/stringobject.c
svn.python.org/view/python/trunk/Objects/unicodeobject.c?rev=61350&view=diff&r1=61350&r2=61349&p1=python/trunk/Objects/unicodeobject.c&p2=/python/trunk/Objects/unicodeobject.c
svn.python.org/view?rev=61350&view=rev
www.openwall.com/lists/oss-security/2008/11/05/2
www.openwall.com/lists/oss-security/2008/11/05/3
www.redhat.com/security/updates/classification/#moderate
www.securityfocus.com/archive/1/507985/100/0/threaded
www.vmware.com/security/advisories/VMSA-2009-0016.html
www.vupen.com/english/advisories/2009/3316
access.redhat.com/errata/RHSA-2009:1176
exchange.xforce.ibmcloud.com/vulnerabilities/46612
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11280
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8564