[Forgot Password]
Login  Register Subscribe

23631

 
 

126951

 
 

99602

 
 

909

 
 

80198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-2315

Date: (C)2008-08-01   (M)2017-11-18 


Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031.

CVSS Score: 7.5Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL





Reference:
http://www.securityfocus.com/archive/1/archive/1/507985/100/0/threaded
BID-30491
SECUNIA-31305
SECUNIA-31332
SECUNIA-31358
SECUNIA-31365
SECUNIA-31518
SECUNIA-31687
SECUNIA-32793
SECUNIA-33937
SECUNIA-37471
SECUNIA-38675
ADV-2008-2288
ADV-2009-3316
APPLE-SA-2009-02-12
DSA-1667
GLSA-200807-16
MDVSA-2008:163
MDVSA-2008:164
SSA:2008-217-01
SUSE-SR:2008:017
USN-632-1
http://www.openwall.com/lists/oss-security/2008/11/05/2
http://www.openwall.com/lists/oss-security/2008/11/05/3
http://bugs.gentoo.org/attachment.cgi?id=159418&action=view
http://bugs.gentoo.org/show_bug.cgi?id=230640
http://support.apple.com/kb/HT3438
http://support.avaya.com/css/P8/documents/100074697
http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5032900
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
python-modules-bo(44172)
python-multiple-bo(44173)

CWE    1
CWE-189
OVAL    10
oval:org.secpod.oval:def:17184
oval:org.secpod.oval:def:301568
oval:org.secpod.oval:def:500692
oval:org.secpod.oval:def:500535
...

© 2013 SecPod Technologies