CVE-2008-3142

Loading...

General

Score:7.5/10.0
Severity:High
Category:Buffer Error

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2006-1861, CVE-2006-3467, CVE-2007-1351, CVE-2007-1352, CVE-2007-1667, CVE-2007-2052, CVE-2007-4565, CVE-2007-4965, CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-5966, CVE-2007-6286, CVE-2008-0002, CVE-2008-1232, CVE-2008-1377, CVE-2008-1379, CVE-2008-1679, CVE-2008-1721, CVE-2008-1806, CVE-2008-1807, CVE-2008-1808, CVE-2008-1887, CVE-2008-1927, CVE-2008-1947, CVE-2008-2315, CVE-2008-2316, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362, CVE-2008-2370, CVE-2008-2379, CVE-2008-2711, CVE-2008-3143, CVE-2008-3144, CVE-2008-3528, CVE-2008-3663, CVE-2008-4307, CVE-2008-4864, CVE-2008-5031, CVE-2008-5050, CVE-2008-5183, CVE-2008-5314, CVE-2008-5515, CVE-2008-5700, CVE-2009-0009, CVE-2009-0011, CVE-2009-0012, CVE-2009-0013, CVE-2009-0014, CVE-2009-0015, CVE-2009-0017, CVE-2009-0018, CVE-2009-0019, CVE-2009-0020, CVE-2009-0028, CVE-2009-0033, CVE-2009-0137, CVE-2009-0138, CVE-2009-0139, CVE-2009-0140, CVE-2009-0141, CVE-2009-0142, CVE-2009-0159, CVE-2009-0269, CVE-2009-0322, CVE-2009-0580, CVE-2009-0675, CVE-2009-0676, CVE-2009-0696, CVE-2009-0745, CVE-2009-0746, CVE-2009-0747, CVE-2009-0748, CVE-2009-0778, CVE-2009-0781, CVE-2009-0783, CVE-2009-0787, CVE-2009-0834, CVE-2009-1072, CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, CVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103, CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, CVE-2009-1107, CVE-2009-1192, CVE-2009-1252, CVE-2009-1336, CVE-2009-1337, CVE-2009-1385, CVE-2009-1388, CVE-2009-1389, CVE-2009-1439, CVE-2009-1630, CVE-2009-1633, CVE-2009-1895, CVE-2009-2406, CVE-2009-2407, CVE-2009-2414, CVE-2009-2416, CVE-2009-2417, CVE-2009-2625, CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2675, CVE-2009-2676, CVE-2009-2692, CVE-2009-2698, CVE-2009-2716, CVE-2009-2718, CVE-2009-2719, CVE-2009-2720, CVE-2009-2721, CVE-2009-2722, CVE-2009-2723, CVE-2009-2724, CVE-2009-2730, CVE-2009-2847, CVE-2009-2848, CVE-2011-1521, CVE-2011-3389, CVE-2011-4944, CVE-2012-0845, CVE-2012-1150, CVE-2013-1752, CVE-2013-1753, CVE-2013-4238, CVE-2014-1912, CVE-2014-4650, CVE-2014-7185, CVE-2016-0772, CVE-2016-1000110, CVE-2016-5636, CVE-2016-5699, CVE-2017-1000158, CVE-2017-18207, CVE-2018-1000030, CVE-2018-1000802, CVE-2018-1060, CVE-2018-1061, CVE-2018-14647, CVE-2018-20852, CVE-2019-10160, CVE-2019-16056, CVE-2019-16935, CVE-2019-5010, CVE-2019-9636, CVE-2019-9947, CVE-2019-9948

Published on 01/08/08 - Updated on 11/10/18

Description

Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro.

Category: Buffer Error

CWE-119 (Buffer Errors)
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Security Notices

US National Vulnerability DatabaseCVE-2008-3142
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2008-AVI-391, CERTA-2009-AVI-068, CERTA-2009-AVI-513
CentOS CESA-2009:1176, CESA-2009:1178
Redhat RHSA-2009:1176, RHSA-2009:1177, RHSA-2009:1178
Renater 2008/VULN546, 2009/VULN046, 2009/VULN470, 2010/VULN104
SUSE SUSE-SU-2020:0234

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
python_software_foundationpython

Share this vulnerability with:

Twitter Facebook LinkedIn Mail