Python 2.5.2 and previous versions allows context-dependent malicious users to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
python python |
||
canonical ubuntu linux 7.04 |
||
canonical ubuntu linux 7.10 |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 6.06 |
||
debian debian linux 4.0 |