Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2008-2315

Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031.

Related bugs and status

CVE-2008-2315 (Candidate) is related to these bugs:

Bug #258635: No support for ml_IN locale

Summary				In	Importance	Status
	258635	No support for ml_IN locale		python2.5 (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://bugs.gentoo.org...
GENTOO: GLSA-200807-16
MANDRIVA: MDVSA-2008:163
MANDRIVA: MDVSA-2008:164
SUSE: SUSE-SR:2008:017
UBUNTU: USN-632-1
BID: 30491
SECUNIA: 31358
SECUNIA: 31305
SECUNIA: 31332
SECUNIA: 31365
SECUNIA: 31518
SECUNIA: 31687
MLIST: [oss-security] 2008110...
MLIST: [oss-security] 2008110...
APPLE: APPLE-SA-2009-02-12
SECUNIA: 33937
DEBIAN: DSA-1667
SECUNIA: 32793
CONFIRM: http://support.apple.c...
CONFIRM: http://www.vmware.com/...
SECUNIA: 37471
VUPEN: ADV-2009-3316
CONFIRM: http://support.avaya.c...
SECUNIA: 38675
VUPEN: ADV-2008-2288
CONFIRM: http://bugs.gentoo.org...
CONFIRM: http://www.novell.com/...
SLACKWARE: SSA:2008-217-01
XF: python-multiple-bo(44173)
XF: python-modules-bo(44172)
OVAL: oval:org.mitre.oval:de...
OVAL: oval:org.mitre.oval:de...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20091120 VMSA-2009-001...