Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2010-2089

Опубликовано: 11 янв. 2010
Источник: redhat
CVSS2: 4.3
EPSS Средний

Описание

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux Extended Update Support 6.0pythonAffected
Red Hat Enterprise Linux 4pythonFixedRHSA-2011:049105.05.2011
Red Hat Enterprise Linux 5pythonFixedRHSA-2011:002713.01.2011

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=598197Python: Memory corruption in audioop module

EPSS

Процентиль: 93%
0.11241
Средний

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2010-2089

ubuntu
больше 15 лет назад

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.

nvd логотип

CVE-2010-2089

nvd
больше 15 лет назад

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.

debian логотип

CVE-2010-2089

debian
больше 15 лет назад

The audioop module in Python 2.7 and 3.2 does not verify the relations ...

github логотип

GHSA-8428-fhph-pvrc

github
больше 3 лет назад

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.

oracle-oval логотип

ELSA-2011-0027

oracle-oval
почти 15 лет назад

ELSA-2011-0027: python security, bug fix, and enhancement update (LOW)

EPSS

Процентиль: 93%
0.11241
Средний

4.3 Medium

CVSS2