Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2008-2315

Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031.

Published

2008-08-01T14:41:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

6.4

Weaknesses

Type: Primary
CWE-190

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	python	python	≤ 2.5.2	Yes

References

http://bugs.gentoo.org/attachment.cgi?id=159418&action=view Exploit ([email protected])
http://bugs.gentoo.org/show_bug.cgi?id=230640 Third Party Advisory ([email protected])
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html Mailing List ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html Third Party Advisory ([email protected])
http://secunia.com/advisories/31305 Broken Link ([email protected])
http://secunia.com/advisories/31332 Broken Link ([email protected])
http://secunia.com/advisories/31358 Broken Link ([email protected])
http://secunia.com/advisories/31365 Broken Link ([email protected])
http://secunia.com/advisories/31518 Broken Link ([email protected])
http://secunia.com/advisories/31687 Broken Link ([email protected])
http://secunia.com/advisories/32793 Broken Link ([email protected])
http://secunia.com/advisories/33937 Broken Link ([email protected])
http://secunia.com/advisories/37471 Broken Link ([email protected])
http://secunia.com/advisories/38675 Broken Link ([email protected])
http://security.gentoo.org/glsa/glsa-200807-16.xml Third Party Advisory ([email protected])
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.525289 Third Party Advisory ([email protected])
http://support.apple.com/kb/HT3438 Third Party Advisory ([email protected])
http://support.avaya.com/css/P8/documents/100074697 Third Party Advisory ([email protected])
http://www.debian.org/security/2008/dsa-1667 Third Party Advisory ([email protected])
http://www.mandriva.com/security/advisories?name=MDVSA-2008:163 Broken Link, Third Party Advisory ([email protected])
http://www.mandriva.com/security/advisories?name=MDVSA-2008:164 Broken Link, Third Party Advisory ([email protected])
http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5032900 Third Party Advisory ([email protected])
http://www.openwall.com/lists/oss-security/2008/11/05/2 Mailing List ([email protected])
http://www.openwall.com/lists/oss-security/2008/11/05/3 Mailing List ([email protected])
http://www.securityfocus.com/archive/1/507985/100/0/threaded Third Party Advisory, VDB Entry ([email protected])
http://www.securityfocus.com/bid/30491 Third Party Advisory, VDB Entry ([email protected])
http://www.ubuntu.com/usn/usn-632-1 Third Party Advisory ([email protected])
http://www.vmware.com/security/advisories/VMSA-2009-0016.html Third Party Advisory ([email protected])
http://www.vupen.com/english/advisories/2008/2288 Broken Link, Third Party Advisory ([email protected])
http://www.vupen.com/english/advisories/2009/3316 Broken Link, Third Party Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/44172 VDB Entry ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/44173 VDB Entry ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8445 Broken Link ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8683 Broken Link ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9761 Broken Link ([email protected])
http://bugs.gentoo.org/attachment.cgi?id=159418&action=view Exploit (af854a3a-2127-422b-91ae-364da2661108)
http://bugs.gentoo.org/show_bug.cgi?id=230640 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html Mailing List (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31305 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31332 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31358 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31365 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31518 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31687 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/32793 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/33937 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/37471 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/38675 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-200807-16.xml Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.525289 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://support.apple.com/kb/HT3438 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://support.avaya.com/css/P8/documents/100074697 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2008/dsa-1667 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2008:163 Broken Link, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2008:164 Broken Link, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5032900 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2008/11/05/2 Mailing List (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2008/11/05/3 Mailing List (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/507985/100/0/threaded Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/30491 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-632-1 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.vmware.com/security/advisories/VMSA-2009-0016.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/2288 Broken Link, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2009/3316 Broken Link, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44172 VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44173 VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8445 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8683 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9761 Broken Link (af854a3a-2127-422b-91ae-364da2661108)