PT-2007-3395 · Python+2 · Python+2

Publicado

2007-04-16

Atualizado

2024-06-15

CVE-2007-2052

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Python versions 2.4 through 2.5

Description The issue is caused by an off-by-one error in the PyLocale strxfrm function, which results in an incorrect buffer size being used for the strxfrm function. This allows attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination.

Recommendations For Python versions 2.4 and 2.5, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-193

Identificadores relacionados

CVE-2007-2052

DSA-1551-1

DSA-1620-1

OPENSUSE-SU-2024:11202-1

RHSA-2007:1076

RHSA-2007:1077

RHSA-2007_1076

RHSA-2008:0264

RHSA-2008:0525

RHSA-2008:0629

RHSA-2009:1176

RHSA-2009_1176

SUSE-SU-2020:0234-1

Produtos afetados

Python

Red Hat

Suse

PT-2007-3395 · Python+2 · Python+2

CVE-2007-2052

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 203