Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent malicious users to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
python python 2.4.0 |
||
python python 2.5.0 |