- Home
- CVEs with nessus.description==The remote host is affected by the vulnerability described in GLSA-200807-16
(Python: Multiple vulnerabilities)
Multiple vulnerabilities were discovered in Python:
David Remahl of Apple Product Security reported several integer
overflows in core modules such as stringobject, unicodeobject,
bufferobject, longobject, tupleobject, stropmodule, gcmodule,
mmapmodule (CVE-2008-2315).
David Remahl of Apple Product Security also reported an integer
overflow in the hashlib module, leading to unreliable cryptographic
digest results (CVE-2008-2316).
Justin Ferguson reported multiple buffer overflows in unicode string
processing that only affect 32bit systems (CVE-2008-3142).
The Google Security Team reported multiple integer overflows
(CVE-2008-3143).
Justin Ferguson reported multiple integer underflows and overflows in
the PyOS_vsnprintf() function, and an off-by-one error when passing
zero-length strings, leading to memory corruption (CVE-2008-3144).
Impact :
A remote attacker could exploit these vulnerabilities in Python
applications or daemons that pass user-controlled input to vulnerable
functions. Exploitation might lead to the execution of arbitrary code
or a Denial of Service. Vulnerabilities within the hashlib might lead
to weakened cryptographic protection of data integrity or authenticity.
Workaround :
There is no known workaround at this time.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top