Veracode Vulnerability DatabaseVERACODE:24361Arbitrary Code Execution
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
python is vulnerable to arbitrary code execution. The vulnerability exists as multiple flaws were found in the Python audioop module. Supplying certain inputs could cause the audioop module to crash or, possibly, execute arbitrary code.
References
bugs.python.org/issue7673
lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html
lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
secunia.com/advisories/40194
secunia.com/advisories/42888
secunia.com/advisories/43068
secunia.com/advisories/50858
secunia.com/advisories/51024
secunia.com/advisories/51040
secunia.com/advisories/51087
support.apple.com/kb/HT5002
www.redhat.com/support/errata/RHSA-2011-0027.html
www.securityfocus.com/bid/40863
www.ubuntu.com/usn/USN-1596-1
www.ubuntu.com/usn/USN-1613-1
www.ubuntu.com/usn/USN-1613-2
www.ubuntu.com/usn/USN-1616-1
www.vupen.com/english/advisories/2010/1448
www.vupen.com/english/advisories/2011/0122
www.vupen.com/english/advisories/2011/0212
access.redhat.com/errata/RHSA-2011:0027
access.redhat.com/security/updates/classification/#low
bugzilla.redhat.com/show_bug.cgi?id=598197
Related
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P