CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0CVE-2008-5031 – python: stringobject, unicodeobject integer overflows
https://notcve.org/view.php?id=CVE-2008-5031
Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. NOTE: this vulnerability reportedly exists because of an incomplete fix for CVE-2008-2315. Múltiples desbordamientos de enteros en Python versiones 2.2.3 hasta 2.5.1 y 2.6, permiten a los atacantes dependiendo del contexto tener un impacto desconocido por medio de un valor entero largo en el argumento tabsize para el método expandtabs, tal y como es implementado por ( 1) la función string_expandtabs en el archivo Objects/stringobject.c y (2) la función unicode_expandtabs en el archivo Objects/unicodeobject.c. NOTA: esta vulnerabilidad se presenta debido a una corrección incompleta para el CVE-2008-2315. • http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://scary.beasts.org/security/CESA-2008-008.html http://secunia.com/advisories/33937 http://secunia.com/advisories/35750 http://secunia.com/advisories/37471 http://security.gentoo.org/glsa/glsa-200907-16.xml http://support.apple.com/kb/HT3438 http://svn.python.org/view/python/trunk/Objects/stringobject.c?rev=61350&view=diff&r1=61350&r2=61349&p1=python/trunk/Objects/stringobject.c&p2=/python/trunk/Obje • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4CVE-2008-4864 – Python < 2.5.2 Imageop Module - 'imageop.crop()' Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-4864
Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679. Múltiples desbordamientos de entero en imageop.c en el módulo imageop en Python de v1.5.2 a v2.5.1 permite a atacantes dependientes del contexto romper Python VM y ejecutar código de su elección mediante valores enteros grandes en ciertos argumentos a la función crop, llevando a un desbordamiento de búfer, una vulnerabilidad distinta a CVE-2007-4965 y CVE-2008-1679. • https://www.exploit-db.com/exploits/10229 https://www.exploit-db.com/exploits/32534 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://scary.beasts.org/security/CESA-2008-008.html http://secunia.com/advisories/33937 http://secunia.com/advisories/37471 http://support.apple.com/kb/HT3438 http://svn.python.org/view/python/trunk/Modules/imageop.c?rev=66689&view=diff&r1=66689&r2=66688&p1=python/trunk/Modules/imageop.c&p2=/python/trunk/Modules/imag • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1CVE-2008-3142 – python: Multiple buffer overflows in unicode processing
https://notcve.org/view.php?id=CVE-2008-3142
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro. Múltiples desbordamientos de búfer en Python 2.5.2 y anteriores en plataformas de 32bit. Permite a atacantes dependientes de contexto causar denegación de servicio (crash) o tener otros impactos no especificados a través de una cadena larga que conduce a una asignación incorrecta de memoria durante el procesamiento de la cadena Unicode, relacionado con la función unicode_resize y el macro PyMem_RESIZE. • http://bugs.gentoo.org/show_bug.cgi?id=232137 http://bugs.python.org/file10825/issue2620-gps02-patch.txt http://bugs.python.org/issue2620 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://secunia.com/advisories/31305 http://secunia.com/advisories/31332 http://secunia.com/advisories/31358 http://secunia.com/advisories/31365 http://secunia.com/advisories/31473 http://secunia. • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2008-2315 – python: Multiple integer overflows in python core
https://notcve.org/view.php?id=CVE-2008-2315
Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031. Múltiples desbordamientos de enteros en Python 2.5.2 y anteriores. Permite a atacantes dependientes de contexto a tener un impacto desconocido a través de vectores relacionados con el (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, y los módulos (6) stropmodule, (7) gcmodule, and (8) mmapmodule. • http://bugs.gentoo.org/attachment.cgi?id=159418&action=view http://bugs.gentoo.org/show_bug.cgi?id=230640 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://secunia.com/advisories/31305 http://secunia.com/advisories/31332 http://secunia.com/advisories/31358 http://secunia.com/advisories/31365 http://secunia.com/advisories/31518 http://secunia.com/advisories/31687 http://sec • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2008-2316
https://notcve.org/view.php?id=CVE-2008-2316
Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB." Desbordamiento de entero en _hashopenssl.c en el módulo hashlib en Python 2.5.2 y anteriores. Podría permitir a atacantes dependientes del contexto vencer resúmenes criptográficos, relativos a "comprobación parcial hashlib de datos que exceden de 4GB." • http://bugs.gentoo.org/attachment.cgi?id=159422&action=view http://bugs.gentoo.org/show_bug.cgi?id=230640 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://secunia.com/advisories/31305 http://secunia.com/advisories/31332 http://secunia.com/advisories/31358 http://secunia.com/advisories/31365 http://secunia.com/advisories/31473 http://secunia.com/advisories/31518 http://sec • CWE-189: Numeric Errors •