Описание
The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | DNE | |
| hardy | released | 2.4.5-1ubuntu4.4 |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE | |
| oneiric | DNE | |
| precise | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | released | 2.5.2-2ubuntu6.2 |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE | |
| oneiric | DNE | |
| precise | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | DNE | |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| lucid | released | 2.6.5-1ubuntu6.1 |
| maverick | not-affected | 2.6.6-5ubuntu1 |
| natty | not-affected | 2.6.6-5ubuntu1 |
| oneiric | not-affected | 2.6.6-5ubuntu1 |
| precise | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| hardy | DNE | |
| lucid | DNE | |
| natty | not-affected | |
| oneiric | not-affected | |
| precise | not-affected | |
| quantal | not-affected | |
| upstream | released | 2.7-1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | DNE | |
| lucid | released | 3.1.2-0ubuntu3.2 |
| natty | not-affected | 3.1.3-1ubuntu1.1 |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| upstream | released | 3.1.3-1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| hardy | DNE | |
| lucid | DNE | |
| natty | not-affected | 3.2-1ubuntu1 |
| oneiric | not-affected | |
| precise | not-affected | |
| quantal | not-affected | |
| upstream | released | 3.2 |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.
The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.
The audioop module in Python 2.7 and 3.2 does not verify the relations ...
The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.
ELSA-2011-0027: python security, bug fix, and enhancement update (LOW)
EPSS
5 Medium
CVSS2