{ "id": "CVE-2008-2315", "sourceIdentifier": "cve@mitre.org", "published": "2008-08-01T14:41:00.000", "lastModified": "2018-10-11T20:40:07.580", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031." }, { "lang": "es", "value": "M\u00faltiples desbordamientos de enteros en Python 2.5.2 y anteriores. Permite a atacantes dependientes de contexto a tener un impacto desconocido a trav\u00e9s de vectores relacionados con el (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, y los m\u00f3dulos (6) stropmodule, (7) gcmodule, and (8) mmapmodule." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5 }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": true, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-189" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:*:*:*:*:*:*:*:*", "versionEndIncluding": "2.5.2", "matchCriteriaId": "107216B7-C3A3-4A47-8E0B-2377C4A24357" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:1.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "9FA5B2AA-D431-4B75-B6DC-9E2B9390FD98" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:1.6:*:*:*:*:*:*:*", "matchCriteriaId": "142541D5-63E0-4D2A-AD37-AC13CCA9B9DE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2652E2F4-C7F0-43E4-8D87-91C5F363B8EF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "DAEF6FB8-82E9-402B-B8BF-F95A4DD799AC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "FF5DC6AB-B1FD-4F87-9651-5B998AD334ED" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "500B365C-D6BF-46F8-9200-6ED48A44355C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "8A08655B-5227-43A0-B645-07B615CC46FF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "13D0B367-52C0-4240-8126-1248314F1990" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "3A1303B8-9C3E-4231-9EF2-C3BA7A54B7B1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5F19339B-AAA0-4042-895C-4A21C051285C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "08050FA1-95FB-4308-A6C2-622591C79BEE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "422F7E41-F437-4441-8692-B45C41204CCB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "99E9F540-777F-4BD2-B44B-EABE311BAC58" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "E0807131-7BF9-475F-B42B-25EFD46A96BA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "080ED7C9-3348-49D8-937D-83A0D629374B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "11523A7B-F557-4E74-B892-5F7D05FE973F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "A3945EBB-D386-4995-BF95-A7AC5E163E1C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "DE249685-99F0-4ECB-A2E9-F3E306D87E02" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "130E7AE9-EC3B-4E46-89BE-35ABC1CFACAD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "9812A290-060A-4632-8A5D-475EDAD754D6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "72BBBBEB-FD14-4452-84F7-1954312A4995" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "A9AFAD75-1916-44AC-825C-47F8BDC3A8F4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FBCBBC84-0F63-4BBC-9612-4D2FD74F6D91" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "4284452B-A664-4974-A64D-3BD6E7BDE886" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "ABA70292-BAD3-4C41-BCAB-D7F49EE00066" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "1582AC09-AD12-4411-B875-F2AB8DAA32B4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "00DEEEDB-98B2-43FE-A1B2-340294097399" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "09FC837C-CA10-4F04-A537-A6C759C7BE69" }, { "vulnerable": true, "criteria": "cpe:2.3:a:python_software_foundation:python:2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "BF212333-E797-4BB3-8BF7-4D51B52314D5" } ] } ] } ], "references": [ { "url": "http://bugs.gentoo.org/attachment.cgi?id=159418&action=view", "source": "cve@mitre.org", "tags": [ "Exploit" ] }, { "url": "http://bugs.gentoo.org/show_bug.cgi?id=230640", "source": "cve@mitre.org" }, { "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html", "source": "cve@mitre.org" }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "source": "cve@mitre.org" }, { "url": "http://security.gentoo.org/glsa/glsa-200807-16.xml", "source": "cve@mitre.org" }, { "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.525289", "source": "cve@mitre.org" }, { "url": "http://support.apple.com/kb/HT3438", "source": "cve@mitre.org" }, { "url": "http://support.avaya.com/css/P8/documents/100074697", "source": "cve@mitre.org" }, { "url": "http://www.debian.org/security/2008/dsa-1667", "source": "cve@mitre.org" }, { "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:163", "source": "cve@mitre.org" }, { "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:164", "source": "cve@mitre.org" }, { "url": "http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5032900", "source": "cve@mitre.org" }, { "url": "http://www.openwall.com/lists/oss-security/2008/11/05/2", "source": "cve@mitre.org" }, { "url": "http://www.openwall.com/lists/oss-security/2008/11/05/3", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/bid/30491", "source": "cve@mitre.org" }, { "url": "http://www.ubuntu.com/usn/usn-632-1", "source": "cve@mitre.org" }, { "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", "source": "cve@mitre.org" }, { "url": "http://www.vupen.com/english/advisories/2008/2288", "source": "cve@mitre.org" }, { "url": "http://www.vupen.com/english/advisories/2009/3316", "source": "cve@mitre.org" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44172", "source": "cve@mitre.org" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44173", "source": "cve@mitre.org" }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8445", "source": "cve@mitre.org" }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8683", "source": "cve@mitre.org" }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9761", "source": "cve@mitre.org" } ] }