The utf-16 decoder in Python 3.1 up to and including 3.3 does not update the aligned_end variable after calling the unicode_decode_call_errorhandler function, which allows remote malicious users to obtain sensitive information (process memory) or cause a denial of service (memory corruption and crash) via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
python python |
||
canonical ubuntu linux 11.04 |
||
canonical ubuntu linux 11.10 |
||
canonical ubuntu linux 12.10 |
||
canonical ubuntu linux 10.04 |
||
canonical ubuntu linux 12.04 |
||
debian debian linux 6.0 |