Описание
Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 2.4.3-0ubuntu6.2 |
| devel | not-affected | |
| feisty | released | 2.4.4-2ubuntu7.2 |
| gutsy | released | 2.4.4-6ubuntu4.2 |
| hardy | not-affected | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | |
| feisty | released | 2.5.1-0ubuntu1.2 |
| gutsy | released | 2.5.1-5ubuntu5.2 |
| hardy | not-affected | |
| upstream | needs-triage |
Показывать по
EPSS
9.3 Critical
CVSS2
Связанные уязвимости
Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow.
Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow.
Python 2.5.2 and earlier allows context-dependent attackers to execute ...
Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow.
EPSS
9.3 Critical
CVSS2