5

CVE-2007-2052

Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PythonPython Version2.4.0
PythonPython Version2.5.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 12.48% 0.957
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-193 Off-by-one Error

A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

http://secunia.com/advisories/31492
Broken Link
http://www.redhat.com/support/errata/RHSA-2008-0629.html
Third Party Advisory
http://secunia.com/advisories/25787
Broken Link
http://www.novell.com/linux/security/advisories/2007_13_sr.html
Third Party Advisory
http://secunia.com/advisories/25353
Broken Link
http://www.trustix.org/errata/2007/0019/
Third Party Advisory
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=416934
Third Party Advisory
http://lists.vmware.com/pipermail/security-announce/2008/000005.html
Third Party Advisory
http://secunia.com/advisories/25190
Broken Link
http://secunia.com/advisories/25217
Broken Link
http://secunia.com/advisories/25233
Broken Link
http://secunia.com/advisories/28027
Broken Link
http://secunia.com/advisories/28050
Broken Link
http://secunia.com/advisories/29032
Broken Link
http://secunia.com/advisories/29303
Broken Link
http://secunia.com/advisories/29889
Broken Link
http://secunia.com/advisories/31255
Broken Link
http://secunia.com/advisories/37471
Third Party Advisory
http://www.debian.org/security/2008/dsa-1551
Third Party Advisory
http://www.debian.org/security/2008/dsa-1620
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:099
Third Party Advisory
Broken Link
http://www.python.org/download/releases/2.5.1/NEWS.txt
Vendor Advisory
Broken Link
http://www.redhat.com/support/errata/RHSA-2007-1076.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-1077.html
Third Party Advisory
http://www.securityfocus.com/archive/1/469294/30/6450/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/488457/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/23887
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/usn-585-1
Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
Third Party Advisory
Broken Link
http://www.vupen.com/english/advisories/2007/1465
Third Party Advisory
Broken Link
http://www.vupen.com/english/advisories/2008/0637
Third Party Advisory
Broken Link
http://www.vupen.com/english/advisories/2009/3316
Third Party Advisory
Broken Link
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235093
Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/34060
VDB Entry
https://issues.rpath.com/browse/RPL-1358
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11716
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8353
Broken Link