Page 16 of 93 results (0.023 seconds)

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in Python 2.4.5 might allow local users to overwrite arbitrary files via a symlink attack on a tmp$RANDOM.tmp temporary file. NOTE: there may not be common usage scenarios in which tmp$RANDOM.tmp is located in an untrusted directory. Tools/faqwiz/move-faqwiz.sh (también conocido como "la herramienta de movimiento del asistente genérico del FAQ") en Python 2.4.5, puede que permita a usuarios locales sobrescribir ficheros de su elección a través de un ataque de enlace simbólico en un fichero temporal tmp$RANDOM.tmp. NOTA: puede que no existan escenarios de uso comunes en los que tmp$RANDOM.tmp esté localizado en un directorio que no sea de confianza. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498899 http://marc.info/?l=oss-security&m=122148330903513&w=2 http://marc.info/?l=oss-security&m=122152861617434&w=2 http://securityreason.com/securityalert/4274 http://www.securityfocus.com/bid/31184 http://www.securitytracker.com/id?1020904 http://www.vupen.com/english/advisories/2008/2659 https://bugzilla.redhat.com/show_bug.cgi? • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1

Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro. Múltiples desbordamientos de búfer en Python 2.5.2 y anteriores en plataformas de 32bit. Permite a atacantes dependientes de contexto causar denegación de servicio (crash) o tener otros impactos no especificados a través de una cadena larga que conduce a una asignación incorrecta de memoria durante el procesamiento de la cadena Unicode, relacionado con la función unicode_resize y el macro PyMem_RESIZE. • http://bugs.gentoo.org/show_bug.cgi?id=232137 http://bugs.python.org/file10825/issue2620-gps02-patch.txt http://bugs.python.org/issue2620 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://secunia.com/advisories/31305 http://secunia.com/advisories/31332 http://secunia.com/advisories/31358 http://secunia.com/advisories/31365 http://secunia.com/advisories/31473 http://secunia. • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031. Múltiples desbordamientos de enteros en Python 2.5.2 y anteriores. Permite a atacantes dependientes de contexto a tener un impacto desconocido a través de vectores relacionados con el (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, y los módulos (6) stropmodule, (7) gcmodule, and (8) mmapmodule. • http://bugs.gentoo.org/attachment.cgi?id=159418&action=view http://bugs.gentoo.org/show_bug.cgi?id=230640 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://secunia.com/advisories/31305 http://secunia.com/advisories/31332 http://secunia.com/advisories/31358 http://secunia.com/advisories/31365 http://secunia.com/advisories/31518 http://secunia.com/advisories/31687 http://sec • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB." Desbordamiento de entero en _hashopenssl.c en el módulo hashlib en Python 2.5.2 y anteriores. Podría permitir a atacantes dependientes del contexto vencer resúmenes criptográficos, relativos a "comprobación parcial hashlib de datos que exceden de 4GB." • http://bugs.gentoo.org/attachment.cgi?id=159422&action=view http://bugs.gentoo.org/show_bug.cgi?id=230640 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://secunia.com/advisories/31305 http://secunia.com/advisories/31332 http://secunia.com/advisories/31358 http://secunia.com/advisories/31365 http://secunia.com/advisories/31473 http://secunia.com/advisories/31518 http://sec • CWE-189: Numeric Errors •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9) cjkcodecs/multibytecodec.c, (10) datetimemodule.c, (11) md5.c, (12) rgbimgmodule.c, and (13) stropmodule.c in Modules/; (14) bufferobject.c, (15) listobject.c, and (16) obmalloc.c in Objects/; (17) Parser/node.c; and (18) asdl.c, (19) ast.c, (20) bltinmodule.c, and (21) compile.c in Python/, as addressed by "checks for integer overflows, contributed by Google." Múltiples desbordamientos de enteros en Python anterior a 2.5.2 permitiría a atacantes dependientes de contexto a tener un impacto desconocido a través de vectores relacionados con (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9) cjkcodecs/multibytecodec.c, (10) datetimemodule.c, (11) md5.c, (12) rgbimgmodule.c, y (13) stropmodule.c en Modules/; (14) bufferobject.c, (15) listobject.c, y (16) obmalloc.c en Objects/; (17) Parser/node.c; y (18) asdl.c, (19) ast.c, (20) bltinmodule.c, y (21) compile.c en Python/, como ha sido indicado por "búsca desbordamiento de enteros, aportado por Google." • http://bugs.gentoo.org/show_bug.cgi?id=232137 http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://secunia.com/advisories/31332 http://secunia.com/advisories/31365 http://secunia.com/advisories/31473 http://secunia.com/advisories/31518 http://secunia.com/advisories/31687 http://secunia.com/advisories/32793 http://secunia.com/advisories/37471 http://security.gentoo.org/glsa/glsa-200807-16.xml http://svn.python.org/view?rev=60793&view=rev http • CWE-190: Integer Overflow or Wraparound •