ID CVE-2008-3143
Summary Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9) cjkcodecs/multibytecodec.c, (10) datetimemodule.c, (11) md5.c, (12) rgbimgmodule.c, and (13) stropmodule.c in Modules/; (14) bufferobject.c, (15) listobject.c, and (16) obmalloc.c in Objects/; (17) Parser/node.c; and (18) asdl.c, (19) ast.c, (20) bltinmodule.c, and (21) compile.c in Python/, as addressed by "checks for integer overflows, contributed by Google."
References
Vulnerable Configurations
  • cpe:2.3:a:python:python:-:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:-:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:0.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:0.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:0.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:0.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:0.9.8:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:0.9.8:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:0.9.9:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:0.9.9:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:1.4:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:1.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:1.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:1.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:1.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:1.6:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:1.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:1.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.3:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.4:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.4.5:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.5:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.5.5:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:python:python:2.5.6:*:*:*:*:*:*:*
    cpe:2.3:a:python:python:2.5.6:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 02-08-2023 - 18:50)
Impact:
Exploitability:
CWE CWE-190
CAPEC
  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
oval via4
  • accepted 2014-01-20T04:01:36.350-05:00
    class vulnerability
    contributors
    • name Pai Peng
      organization Hewlett-Packard
    • name Chris Coffin
      organization The MITRE Corporation
    definition_extensions
    • comment VMWare ESX Server 3.0.3 is installed
      oval oval:org.mitre.oval:def:6026
    • comment VMware ESX Server 3.5.0 is installed
      oval oval:org.mitre.oval:def:5887
    • comment VMware ESX Server 4.0 is installed
      oval oval:org.mitre.oval:def:6293
    description Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9) cjkcodecs/multibytecodec.c, (10) datetimemodule.c, (11) md5.c, (12) rgbimgmodule.c, and (13) stropmodule.c in Modules/; (14) bufferobject.c, (15) listobject.c, and (16) obmalloc.c in Objects/; (17) Parser/node.c; and (18) asdl.c, (19) ast.c, (20) bltinmodule.c, and (21) compile.c in Python/, as addressed by "checks for integer overflows, contributed by Google."
    family unix
    id oval:org.mitre.oval:def:7720
    status accepted
    submitted 2010-03-19T16:57:59.000-04:00
    title VMware python multiple integer overflows vulnerability
    version 7
  • accepted 2013-04-29T04:18:07.005-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description by Google."
    family unix
    id oval:org.mitre.oval:def:8996
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title by Google."
    version 30
redhat via4
rpms
  • python-0:2.4.3-24.el5_3.6
  • python-debuginfo-0:2.4.3-24.el5_3.6
  • python-devel-0:2.4.3-24.el5_3.6
  • python-tools-0:2.4.3-24.el5_3.6
  • tkinter-0:2.4.3-24.el5_3.6
  • python-0:2.3.4-14.7.el4_8.2
  • python-debuginfo-0:2.3.4-14.7.el4_8.2
  • python-devel-0:2.3.4-14.7.el4_8.2
  • python-docs-0:2.3.4-14.7.el4_8.2
  • python-tools-0:2.3.4-14.7.el4_8.2
  • tkinter-0:2.3.4-14.7.el4_8.2
  • python-0:2.2.3-6.11
  • python-debuginfo-0:2.2.3-6.11
  • python-devel-0:2.2.3-6.11
  • python-tools-0:2.2.3-6.11
  • tkinter-0:2.2.3-6.11
refmap via4
bid 30491
bugtraq
  • 20080813 rPSA-2008-0243-1 idle python
  • 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components
confirm
debian DSA-1667
gentoo GLSA-200807-16
mandriva
  • MDVSA-2008:163
  • MDVSA-2008:164
secunia
  • 31332
  • 31365
  • 31473
  • 31518
  • 31687
  • 32793
  • 37471
suse SUSE-SR:2008:017
ubuntu USN-632-1
vupen
  • ADV-2008-2288
  • ADV-2009-3316
Last major update 02-08-2023 - 18:50
Published 01-08-2008 - 14:41
Last modified 02-08-2023 - 18:50
Back to Top