Back to search
CVE-2010-2089
Published: May 27, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.redhat.com/show_bug.cgi?id=598197
x_refsource_CONFIRM
43068
third-party-advisory
x_refsource_SECUNIA
FEDORA-2010-9652
vendor-advisory
x_refsource_FEDORA
51087
third-party-advisory
x_refsource_SECUNIA
ADV-2011-0212
vdb-entry
x_refsource_VUPEN
USN-1616-1
vendor-advisory
x_refsource_UBUNTU
51040
third-party-advisory
x_refsource_SECUNIA
ADV-2010-1448
vdb-entry
x_refsource_VUPEN
50858
third-party-advisory
x_refsource_SECUNIA
40863
vdb-entry
x_refsource_BID
http://bugs.python.org/issue7673
x_refsource_CONFIRM
APPLE-SA-2011-10-12-3
vendor-advisory
x_refsource_APPLE
ADV-2011-0122
vdb-entry
x_refsource_VUPEN
SUSE-SR:2011:002
vendor-advisory
x_refsource_SUSE
42888
third-party-advisory
x_refsource_SECUNIA
USN-1596-1
vendor-advisory
x_refsource_UBUNTU
40194
third-party-advisory
x_refsource_SECUNIA
RHSA-2011:0027
vendor-advisory
x_refsource_REDHAT
USN-1613-2
vendor-advisory
x_refsource_UBUNTU
http://support.apple.com/kb/HT5002
x_refsource_CONFIRM
SUSE-SR:2010:024
vendor-advisory
x_refsource_SUSE
51024
third-party-advisory
x_refsource_SECUNIA
USN-1613-1
vendor-advisory
x_refsource_UBUNTU
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now