CVE-2008-2315

Python < 2.5.2 - Integer Overflow in Multiple Modules

Title source: llm
STIX 2.1

Description

Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031.

References (35)

Core 35
Core References
Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
Broken Link, Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2288
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32793
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/30491
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/38675
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/33937
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/37471
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/11/05/3
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31687
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/11/05/2
Third Party Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200807-16.xml
Third Party Advisory x_refsource_confirm
http://support.apple.com/kb/HT3438
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31358
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31332
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-632-1
Broken Link, Third Party Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2008:164
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31518
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31305
Third Party Advisory x_refsource_confirm
http://bugs.gentoo.org/show_bug.cgi?id=230640
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31365
Third Party Advisory x_refsource_confirm
http://support.avaya.com/css/P8/documents/100074697
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2008/dsa-1667
Broken Link, Third Party Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2008:163
Broken Link, Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/3316

Scores

EPSS 0.0092
EPSS Percentile 76.3%

Details

CWE
CWE-190
Status published
Products (1)
python/python < 2.5.2
Published Aug 01, 2008
Tracked Since Feb 18, 2026