CVE-2008-2316

Loading...

General

Score:7.5/10.0
Severity:High
Category:Numeric Error

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2006-1861, CVE-2006-3467, CVE-2007-1351, CVE-2007-1352, CVE-2007-1667, CVE-2007-2052, CVE-2007-4565, CVE-2007-4965, CVE-2008-1377, CVE-2008-1379, CVE-2008-1679, CVE-2008-1721, CVE-2008-1806, CVE-2008-1807, CVE-2008-1808, CVE-2008-1887, CVE-2008-1927, CVE-2008-2315, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362, CVE-2008-2379, CVE-2008-2711, CVE-2008-3142, CVE-2008-3143, CVE-2008-3144, CVE-2008-3663, CVE-2008-4864, CVE-2008-5031, CVE-2008-5050, CVE-2008-5183, CVE-2008-5314, CVE-2009-0009, CVE-2009-0011, CVE-2009-0012, CVE-2009-0013, CVE-2009-0014, CVE-2009-0015, CVE-2009-0017, CVE-2009-0018, CVE-2009-0019, CVE-2009-0020, CVE-2009-0137, CVE-2009-0138, CVE-2009-0139, CVE-2009-0140, CVE-2009-0141, CVE-2009-0142, CVE-2011-1521, CVE-2011-3389, CVE-2011-4944, CVE-2012-0845, CVE-2012-1150, CVE-2013-1752, CVE-2013-1753, CVE-2013-4238, CVE-2014-1912, CVE-2014-4650, CVE-2014-7185, CVE-2016-0772, CVE-2016-1000110, CVE-2016-5636, CVE-2016-5699, CVE-2017-1000158, CVE-2017-18207, CVE-2018-1000030, CVE-2018-1000802, CVE-2018-1060, CVE-2018-1061, CVE-2018-14647, CVE-2018-20852, CVE-2019-10160, CVE-2019-16056, CVE-2019-16935, CVE-2019-5010, CVE-2019-9636, CVE-2019-9947, CVE-2019-9948

Published on 01/08/08 - Updated on 11/10/18

Description

Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB."

Category: Numeric Error

CWE-189 (Numeric Errors)
Weaknesses in this category are related to improper calculation or conversion of numbers.

Security Notices

US National Vulnerability DatabaseCVE-2008-2316
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2008-AVI-391, CERTA-2009-AVI-068
Renater 2009/VULN046
SUSE SUSE-SU-2020:0234

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
python_software_foundationpython

Share this vulnerability with:

Twitter Facebook LinkedIn Mail