Описание
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | |
| devel | DNE | |
| edgy | DNE | |
| feisty | DNE | |
| gutsy | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 2.4.3-0ubuntu6.1 |
| devel | not-affected | |
| edgy | released | 2.4.4~c1-0ubuntu1.1 |
| feisty | not-affected | |
| gutsy | not-affected | |
| upstream | released | 2.4.4-3 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | |
| edgy | released | 2.5-2ubuntu2.1 |
| feisty | not-affected | |
| gutsy | not-affected | |
| upstream | released | 2.5.1-1 |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination.
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination.
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemo ...
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination.
EPSS
5 Medium
CVSS2