Page 9 of 66 results (0.006 seconds)

CVSS: 5.0EPSS: 2%CPEs: 3EXPL: 1

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634. El módulo audioop en Python v2.7 y v3.2 no verifica las relaciones entre tamaños de argumentos y longitud de cadenas de byte, lo que permite a atacantes de contexto causar una denegación de servicio (corrupción de memoria y caída de programa) a través de argumentos manipulados, como queda demostrado por una llamada a audioop.reverse con una cadena de un byte, una vulnerabilidad diferente que CVE-2010-1634. • https://www.exploit-db.com/exploits/34145 http://bugs.python.org/issue7673 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/40194 http://secunia.com/advisories/42888 http://secunia.com/advisories/43068 http:& • CWE-787: Out-of-bounds Write •

CVSS: 5.1EPSS: 4%CPEs: 1EXPL: 0

Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service (application crash) via a large ZSIZE value in a black-and-white (aka B/W) RGB image that triggers an invalid pointer dereference. Desbordamiento inferior de búfer en el módulo rgbimg en Python v2.5 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un valor ZSIZE grande en una imagen RGB blanco-y-negro (también conocido como B/W) que lanza una desreferencia a un puntero no válido. • http://bugs.python.org/issue8678 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/42888 http://secunia.com/advisories/43068 http://secunia.com/advisories/43364 http://support.apple.com/kb/HT4435 http://www.mandriva.com/security/advisories?name=MDVSA-2010:215 http://www.redhat.com/support/errata/RHSA-2011-0027.html http://www.redhat.com/support/err • CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0

Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to have an unspecified impact via a large image that triggers a buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-3143.12. Desbordamiento de entero en rgbimgmodule.c en el módulo rgbimg en Python v2.5 permite a atacantes remotos tener un impacto sin especificar a través de fichero de imagen grande que provoca un desbordamiento de búfer. NOTA: esta vulnerabilidad existe debido a una solución incompleta de CVE-2008-3143.12. • http://bugs.python.org/issue8678 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/42888 http://secunia.com/advisories/43068 http://secunia.com/advisories/43364 http://support.apple.com/kb/HT4435 http://www.mandriva.com/security/advisories?name=MDVSA-2010:215 http://www.redhat.com/support/errata/RHSA-2011-0027.html http://www.redhat.com/support/err • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function. Múltiples desbordamientos de búfer en el decodificador RLE en el módulo rgbimg en Python v2.5 permite a atacantes remotos tener un impacto sin especificar a través de fichero de imagen que contiene datos manipulados que lanza un procesado inapropiado dentro de la función (1) longimagedata o (2) expandrow. • http://bugs.python.org/issue8678 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/42888 http://secunia.com/advisories/43068 http://secunia.com/advisories/43364 http://support.apple.com/kb/HT4435 http://www.mandriva.com/security/advisories?name=MDVSA-2010:215 http://www.redhat.com/support/errata/RHSA-2011-0027.html http://www.redhat.com/support/err • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 5.1EPSS: 0%CPEs: 13EXPL: 0

Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5. Múltiples desbordamientos de entero en audioop.c en el módulo audioop en Python v2.6, v2.7, v3.1 y v3.2, permite a atacantes dependientes del contexto provocar una denegación de servicio (caída de aplicación) a través de un fragmento largo, como se ha demostrado mediante una llamada audiolop.lin2lin con una cadena larga en el primer argumento, llevando a cabo un desbordamiento de búfer. NOTA: esta vulnerabilidad existe por un incorrecto parcheado para la CVE-2008-3143.5. • http://bugs.python.org/issue8674 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/39937 http://secunia.com/advisories/40194 http://secunia.com/advisories/42888 http://secunia.com/advisories/43068 http://sec • CWE-190: Integer Overflow or Wraparound •