CVSS: 10.0EPSS: 3%CPEs: 4EXPL: 0CVE-2008-5031 – python: stringobject, unicodeobject integer overflows
https://notcve.org/view.php?id=CVE-2008-5031
10 Nov 2008 — Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. NOTE: this vulnerability reportedly exists because of an incomplete fix for CVE-2008-2315. Múltiples desbordamientos de enteros en Python versiones 2.2.3 hasta 2.... • http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 18%CPEs: 2EXPL: 4CVE-2008-4864 – Python < 2.5.2 Imageop Module - 'imageop.crop()' Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-4864
31 Oct 2008 — Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679. Múltiples desbordamientos de entero en imageop.c en el módulo imageop en Python de v1.5.2 a v2.5.1 permite a atacantes dependientes del contexto romper Python VM y eje... • https://www.exploit-db.com/exploits/10229 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2008-2315 – python: Multiple integer overflows in python core
https://notcve.org/view.php?id=CVE-2008-2315
01 Aug 2008 — Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031. Múltiples desbordamientos de enteros en Python 2.5.2 y anteriores. Permite a atacantes dependientes de contexto... • http://bugs.gentoo.org/attachment.cgi?id=159418&action=view • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2008-2316
https://notcve.org/view.php?id=CVE-2008-2316
01 Aug 2008 — Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB." Desbordamiento de entero en _hashopenssl.c en el módulo hashlib en Python 2.5.2 y anteriores. Podría permitir a atacantes dependientes del contexto vencer resúmenes criptográficos, relativos a "comprobación parcial hashlib de datos que exceden de 4GB." • http://bugs.gentoo.org/attachment.cgi?id=159422&action=view • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 1CVE-2008-3142 – python: Multiple buffer overflows in unicode processing
https://notcve.org/view.php?id=CVE-2008-3142
01 Aug 2008 — Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro. Múltiples desbordamientos de búfer en Python 2.5.2 y anteriores en plataformas de 32bit. Permite a atacantes dependientes de contexto causar denegación de servicio (crash) o ... • http://bugs.gentoo.org/show_bug.cgi?id=232137 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2008-3143 – python: Multiple integer overflows discovered by Google
https://notcve.org/view.php?id=CVE-2008-3143
01 Aug 2008 — Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9) cjkcodecs/multibytecodec.c, (10) datetimemodule.c, (11) md5.c, (12) rgbimgmodule.c, and (13) stropmodule.c in Modules/; (14) bufferobject.c, (15) listobject.c, and (16) obmalloc.c in Objects/; (17) Parser/node.c; and (18) asdl.c, (19) ast.... • http://bugs.gentoo.org/show_bug.cgi?id=232137 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 1CVE-2008-3144 – python: Potential integer underflow and overflow in the PyOS_vsnprintf C API function
https://notcve.org/view.php?id=CVE-2008-3144
01 Aug 2008 — Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of certain integer values is also affected by related integer underflows and an off-by-one error. Múltiples desbordamientos de enterod en la función PyOS_vsnprintf en Python/mysnprintf.c en Python 2.5.2 y anteriores. ... • http://bugs.gentoo.org/show_bug.cgi?id=232137 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2008-1679 – python: imageop module integer overflows
https://notcve.org/view.php?id=CVE-2008-1679
21 Apr 2008 — Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix for CVE-2007-4965. Múltiples desbordamientos de entero en imageop.c de Python versiones anteriores a 2.5.3 permiten a atacantes dependientes de contexto provocar una denegación de servicio (caída) y posiblemente ejecutar código de su el... • http://bugs.python.org/issue1179 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 3%CPEs: 6EXPL: 2CVE-2008-1887 – python: PyString_FromStringAndSize does not check for negative size values
https://notcve.org/view.php?id=CVE-2008-1887
18 Apr 2008 — Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow. Python versión 2.5.2 y anteriores, permite a los atacantes dependiendo del contexto ejecutar código arbitrario por medio de varios vectores que causan que se proporcione un valor de tamaño negativo a la función Py... • http://bugs.python.org/issue2587 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.1EPSS: 8%CPEs: 1EXPL: 3CVE-2007-4965 – Python 2.2 ImageOP Module - Multiple Integer Overflow Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-4965
18 Sep 2007 — Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) the tovideo method, and unspecified other vectors related to (2) imageop.c, (3) rbgimgmodule.c, and other files, which trigger heap-based buffer overflows. Múltiples desbordamientos de entero en el módulo imageop de Python 2.5.1 y anteriores permiten a atacantes ... • https://www.exploit-db.com/exploits/30592 • CWE-190: Integer Overflow or Wraparound •