Description
Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disabled, allows remote attackers to execute arbitrary code via an IPv6 address that is obtained using DNS.
References (6)
Core 6
Core References
Patch, Third Party Advisory, VDB Entry, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/9836
Broken Link vendor-advisory
x_refsource_mandrake
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:019
Broken Link vdb-entry
x_refsource_osvdb
http://www.osvdb.org/4172
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200409-03.xml
Patch, Vendor Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2004/dsa-458
VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15409
Scores
EPSS
0.0790
EPSS Percentile
92.1%
Details
CWE
CWE-120
Status
published
Products (1)
python/python
2.2.0 - 2.2.2
Published
Apr 15, 2004
Tracked Since
Feb 18, 2026