PT-2008-4562 · Python+2

Published: 2008-08-01 · Updated: 2024-06-15 · CVE-2008-3143

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Python versions prior to 2.5.2
Description: The issue is related to multiple integer overflows in various Python modules and files, including Include/pymem.h, csv.c, struct.c, arraymodule.c, audioop.c, binascii.c, cPickle.c, cStringIO.c, cjkcodecs/multibytecodec.c, datetimemodule.c, md5.c, rgbimgmodule.c, stropmodule.c, bufferobject.c, listobject.c, obmalloc.c, Parser/node.c, asdl.c, ast.c, bltinmodule.c, and compile.c. These overflows might allow context-dependent attackers to have an unknown impact. The issue has been addressed by adding checks for integer overflows, contributed by Google.
Recommendations: For Python versions prior to 2.5.2, update to version 2.5.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the affected modules until a patch is available.

Fix

Integer Overflow


Weakness Enumeration

Related Identifiers

CVE-2008-3143
DSA-1667-1
OPENSUSE-SU-2024:11202-1
PSF-2008-7
RHSA-2009:1176
RHSA-2009:1177
RHSA-2009:1178
RHSA-2009_1176
RHSA-2009_1177
SUSE-SU-2020:0234-1

Affected Products

Python
Red Hat
Suse