PT-2010-3699 · Python+1

Jan Lieskovsky · Published 2010-05-27 · Updated 2022-08-16 · CVE-2010-2089

CVSS v2.0: 5.0 Medium
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Python versions 2.7 through 3.2

Description

The issue arises from the audioop module in Python not verifying the relationships between size arguments and byte string lengths. This allows context-dependent attackers to cause a denial of service, resulting in memory corruption and application crash, via crafted arguments. For example, a call to audioop.reverse with a one-byte string can demonstrate this issue.

Recommendations

For Python versions 2.7 through 3.2, consider disabling the audioop module or restricting its use until a patch is available. As a temporary workaround, avoid using the audioop.reverse function with short byte strings to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
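
The check the description says is missing, as an added example (not code from CPython or from this advisory): a guard that validates the relationship between the width argument and the fragment length before any sample-wise processing, paired with a pure-Python sample reversal so it runs without the audioop module. The names FragmentError, check_fragment, safe_reverse and try_reverse are hypothetical, and the sample inputs are constructed.

```python
"""Added example: enforce the size/length relationship between a width
argument and a byte string before sample-wise processing."""

VALID_WIDTHS = (1, 2, 4)  # assumed set of sample widths, in bytes


class FragmentError(ValueError):
    """Raised when a fragment and its width argument are inconsistent."""


def check_fragment(fragment, width):
    """Return the number of whole samples, or raise FragmentError."""
    if not isinstance(fragment, (bytes, bytearray)):
        raise FragmentError("fragment must be bytes or bytearray")
    # bool is a subclass of int, so reject it explicitly.
    if isinstance(width, bool) or not isinstance(width, int):
        raise FragmentError("width must be an integer")
    if width not in VALID_WIDTHS:
        raise FragmentError("width must be one of %r" % (VALID_WIDTHS,))
    if len(fragment) % width != 0:
        raise FragmentError(
            "fragment length %d is not a multiple of width %d"
            % (len(fragment), width))
    return len(fragment) // width


def safe_reverse(fragment, width):
    """Reverse the order of samples, keeping each sample's bytes intact."""
    count = check_fragment(fragment, width)
    data = bytes(fragment)
    samples = [data[i * width:(i + 1) * width] for i in range(count)]
    return b"".join(reversed(samples))


def try_reverse(fragment, width):
    """Return (ok, result_or_reason) so callers can log rejected input."""
    try:
        return True, safe_reverse(fragment, width)
    except FragmentError as exc:
        return False, str(exc)


if __name__ == "__main__":
    # Constructed inputs: a well-formed 2-byte-sample fragment, a one-byte
    # string with a larger width, and an unsupported width.
    for frag, width in [(b"\x01\x02\x03\x04", 2), (b"\x01", 2), (b"abc", 3)]:
        print(frag, width, try_reverse(frag, width))
```

Rejected inputs come back as a reason string rather than reaching the sample loop, which gives a caller something to log when untrusted data supplies the fragment or the width.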

Exploit

DoS

Memory Corruption

Weakness Enumeration

Related Identifiers

CVE-2010-2089
PSF-2010-5
RHSA-2011:0027
RHSA-2011:0491
RHSA-2011_0027
RHSA-2011_0491

Affected Products

Python
Red Hat