[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-2315

Date: (C)2008-08-01   (M)2017-10-04
 
CVSS Score: 7.5Access Vector: NETWORK
Exploitability Subscore: 10.0Access Complexity: LOW
Impact Subscore: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL











Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031.

Reference:
http://www.securityfocus.com/archive/1/archive/1/507985/100/0/threaded
BID-30491
SECUNIA-31305
SECUNIA-31332
SECUNIA-31358
SECUNIA-31365
SECUNIA-31518
SECUNIA-31687
SECUNIA-32793
SECUNIA-33937
SECUNIA-37471
SECUNIA-38675
ADV-2008-2288
ADV-2009-3316
APPLE-SA-2009-02-12
DSA-1667
GLSA-200807-16
MDVSA-2008:163
MDVSA-2008:164
SSA:2008-217-01
SUSE-SR:2008:017
USN-632-1
http://www.openwall.com/lists/oss-security/2008/11/05/2
http://www.openwall.com/lists/oss-security/2008/11/05/3
http://bugs.gentoo.org/attachment.cgi?id=159418&action=view
http://bugs.gentoo.org/show_bug.cgi?id=230640
http://support.apple.com/kb/HT3438
http://support.avaya.com/css/P8/documents/100074697
http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5032900
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
python-modules-bo(44172)
python-multiple-bo(44173)

CWE    1
CWE-189
OVAL    10
oval:org.secpod.oval:def:17184
oval:org.secpod.oval:def:301568
oval:org.secpod.oval:def:500692
oval:org.secpod.oval:def:500535
...

© 2013 SecPod Technologies