[Forgot Password]
Login  Register Subscribe

24003

 
 

131425

 
 

103942

 
 

909

 
 

84057

 
 

133

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2008-2315Date: (C)2008-08-01   (M)2017-10-04


Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : CVSS Score : 7.5
Exploit Score: Exploit Score: 10.0
Impact Score: Impact Score: 6.4
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: Access Vector: NETWORK
Attack Complexity: Access Complexity: LOW
Privileges Required: Authentication: NONE
User Interaction: Confidentiality: PARTIAL
Scope: Integrity: PARTIAL
Confidentiality: Availability: PARTIAL
Integrity:  
Availability:  
  
Reference:
http://www.securityfocus.com/archive/1/archive/1/507985/100/0/threaded
BID-30491
SECUNIA-31305
SECUNIA-31332
SECUNIA-31358
SECUNIA-31365
SECUNIA-31518
SECUNIA-31687
SECUNIA-32793
SECUNIA-33937
SECUNIA-37471
SECUNIA-38675
ADV-2008-2288
ADV-2009-3316
APPLE-SA-2009-02-12
DSA-1667
GLSA-200807-16
MDVSA-2008:163
MDVSA-2008:164
SSA:2008-217-01
SUSE-SR:2008:017
USN-632-1
http://www.openwall.com/lists/oss-security/2008/11/05/2
http://www.openwall.com/lists/oss-security/2008/11/05/3
http://bugs.gentoo.org/attachment.cgi?id=159418&action=view
http://bugs.gentoo.org/show_bug.cgi?id=230640
http://support.apple.com/kb/HT3438
http://support.avaya.com/css/P8/documents/100074697
http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5032900
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
python-modules-bo(44172)
python-multiple-bo(44173)

CWE    1
CWE-189
OVAL    10
oval:org.secpod.oval:def:17184
oval:org.secpod.oval:def:301568
oval:org.secpod.oval:def:500692
oval:org.secpod.oval:def:500535
...

© 2013 SecPod Technologies