7.5

CVE-2008-2315

Exploit
Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules.  NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PythonPython Version <= 2.5.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.21% 0.897
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
Mailing List
http://secunia.com/advisories/33937
Broken Link
http://support.apple.com/kb/HT3438
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
Third Party Advisory
http://secunia.com/advisories/31687
Broken Link
http://secunia.com/advisories/37471
Broken Link
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Third Party Advisory
VDB Entry
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
Third Party Advisory
http://www.vupen.com/english/advisories/2009/3316
Third Party Advisory
Broken Link
http://secunia.com/advisories/38675
Broken Link
http://support.avaya.com/css/P8/documents/100074697
Third Party Advisory
http://secunia.com/advisories/31358
Broken Link
http://secunia.com/advisories/31365
Broken Link
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.525289
Third Party Advisory
http://www.ubuntu.com/usn/usn-632-1
Third Party Advisory
http://secunia.com/advisories/31518
Broken Link
http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5032900
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:163
Third Party Advisory
Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2008:164
Third Party Advisory
Broken Link
http://bugs.gentoo.org/attachment.cgi?id=159418&action=view
Exploit
http://bugs.gentoo.org/show_bug.cgi?id=230640
Third Party Advisory
http://secunia.com/advisories/31305
Broken Link
http://secunia.com/advisories/31332
Broken Link
http://secunia.com/advisories/32793
Broken Link
http://security.gentoo.org/glsa/glsa-200807-16.xml
Third Party Advisory
http://www.debian.org/security/2008/dsa-1667
Third Party Advisory
http://www.openwall.com/lists/oss-security/2008/11/05/2
Mailing List
http://www.openwall.com/lists/oss-security/2008/11/05/3
Mailing List
http://www.securityfocus.com/bid/30491
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2008/2288
Third Party Advisory
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/44172
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/44173
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8445
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8683
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9761
Broken Link