CVE-2008-3143

CVE Details

Release Date:	2008-08-01
Impact:	Low	What is this?

Description

Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9) cjkcodecs/multibytecodec.c, (10) datetimemodule.c, (11) md5.c, (12) rgbimgmodule.c, and (13) stropmodule.c in Modules/; (14) bufferobject.c, (15) listobject.c, and (16) obmalloc.c in Objects/; (17) Parser/node.c; and (18) asdl.c, (19) ast.c, (20) bltinmodule.c, and (21) compile.c in Python/, as addressed by checks for integer overflows, contributed by Google. Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to have an unspecified impact via a large image that triggers a buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-3143.12. Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5.

See more information about CVE-2008-3143 from MITRE CVE dictionary and NIST NVD

NOTE: The following CVSS metrics and score provided are preliminary and subject to review.

CVSS v2 metrics

Base Score:	7.5
Vector String:	AV:N/AC:L/Au:N/C:P/I:P/A:P
Version:	2.0
Attack Vector:	Network
Attack Complexity:	Low
Authentication:	None
Confidentiality Impact:	Partial
Integrity Impact:	Partial
Availability Impact:	Partial

Errata information

Platform	Errata	Release Date
Oracle Enterprise Linux version 4 (python)	ELSA-2009-1177	2009-07-27
Oracle Linux version 5 (python)	ELSA-2009-1176	2009-07-27