CVE-2008-3144: Integer Overflow

First published: Fri Aug 01 2008(Updated: )

Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of certain integer values is also affected by related integer underflows and an off-by-one error.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Python Python	<=2.5.2
Python Software Foundation Python	=2.2
Python Software Foundation Python	=2.4.4
Python Software Foundation Python	=2.0.1
Python Software Foundation Python	=2.5.2
Python Software Foundation Python	=1.6
Python Software Foundation Python	=2.4.3
Python Software Foundation Python	=2.3.7
Python Software Foundation Python	=2.3.2
Python Software Foundation Python	=2.4.5
Python Software Foundation Python	=2.3.3
Python Software Foundation Python	=1.5.2
Python Software Foundation Python	=2.1.2
Python Software Foundation Python	=2.4.1
Python Software Foundation Python	=2.4
Python Software Foundation Python	=2.3
Python Software Foundation Python	=2.1
Python Software Foundation Python	=2.2.2
Python Software Foundation Python	=2.3.5
Python Software Foundation Python	=2.5.1
Python Software Foundation Python	=1.6.1
Python Software Foundation Python	=2.3.1
Python Software Foundation Python	=2.1.3
Python Software Foundation Python	=2.4.2
Python Software Foundation Python	=2.3.4
Python Software Foundation Python	=2.5
Python Software Foundation Python	=2.3.6
Python Software Foundation Python	=2.0
Python Software Foundation Python	=2.1.1
Python Software Foundation Python	=2.2.1
Python Software Foundation Python	=2.2.3

Never miss a vulnerability like this again

Reference Links

collector/nvd-historical
collector/nvd-index
agent/author
agent/type
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
agent/references
agent/weakness
agent/severity
agent/tags
agent/description
agent/event
collector/nvd-api
agent/software-canonical-lookup-request
collector/mitre-cve
source/MITRE
vendor/python software foundation
canonical/python software foundation python
version/python software foundation python/2.2
version/python software foundation python/2.4.4
version/python software foundation python/2.0.1
version/python software foundation python/2.5.2
version/python software foundation python/1.6
version/python software foundation python/2.4.3
version/python software foundation python/2.3.7
version/python software foundation python/2.3.2
version/python software foundation python/2.4.5
version/python software foundation python/2.3.3
version/python software foundation python/1.5.2
version/python software foundation python/2.1.2
version/python software foundation python/2.4.1
version/python software foundation python/2.4
version/python software foundation python/2.3
version/python software foundation python/2.1
version/python software foundation python/2.2.2
version/python software foundation python/2.3.5
version/python software foundation python/2.5.1
version/python software foundation python/1.6.1
version/python software foundation python/2.3.1
version/python software foundation python/2.1.3
version/python software foundation python/2.4.2
version/python software foundation python/2.3.4
version/python software foundation python/2.5
version/python software foundation python/2.3.6
version/python software foundation python/2.0
version/python software foundation python/2.1.1
version/python software foundation python/2.2.1
version/python software foundation python/2.2.3
vendor/python
canonical/python python
version/python python/2.5.2

CVE-2008-3144: Integer Overflow

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact