Lucene search

[email protected]CVE-2008-2315

HistoryAug 01, 2008 - 2:41 p.m.

CVE-2008-2315

2008-08-0114:41:00

CWE-190

[email protected]

web.nvd.nist.gov

cve-2008-2315

integer overflows

python

security vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.0%

JSON

Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031.

Affected configurations

NVD

Node

pythonpythonRange≤2.5.2

CPENameOperatorVersion
python:pythonpythonle2.5.2

CPE	Name	Operator	Version
python:python	python	le	2.5.2

References

bugs.gentoo.org/attachment.cgi?id=159418&action=view

bugs.gentoo.org/show_bug.cgi?id=230640

lists.apple.com/archives/security-announce/2009/Feb/msg00000.html

lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

secunia.com/advisories/31305

secunia.com/advisories/31332

secunia.com/advisories/31358

secunia.com/advisories/31365

secunia.com/advisories/31518

secunia.com/advisories/31687

secunia.com/advisories/32793

secunia.com/advisories/33937

secunia.com/advisories/37471

secunia.com/advisories/38675

security.gentoo.org/glsa/glsa-200807-16.xml

slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.525289

support.apple.com/kb/HT3438

support.avaya.com/css/P8/documents/100074697

www.debian.org/security/2008/dsa-1667

www.mandriva.com/security/advisories?name=MDVSA-2008:163

www.mandriva.com/security/advisories?name=MDVSA-2008:164

www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5032900

www.openwall.com/lists/oss-security/2008/11/05/2

www.openwall.com/lists/oss-security/2008/11/05/3

www.securityfocus.com/archive/1/507985/100/0/threaded

www.securityfocus.com/bid/30491

www.ubuntu.com/usn/usn-632-1

www.vmware.com/security/advisories/VMSA-2009-0016.html

www.vupen.com/english/advisories/2008/2288

www.vupen.com/english/advisories/2009/3316

exchange.xforce.ibmcloud.com/vulnerabilities/44172

exchange.xforce.ibmcloud.com/vulnerabilities/44173

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8445

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8683

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9761

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.0%

JSON

Related for CVE-2008-2315

cvelist2 nvd2 cve1 ubuntucve2 prion2 nessus30 veracode2 openvas58 freebsd1 debian1 osv1 redhat3 oraclelinux3 centos2 securityvulns2 seebug3 gentoo2 slackware1 ubuntu2 vmware2