oss-sec mailing list archives
Re: CVE Request - Python string expandtabs
From: "Steven M. Christey" <coley () linus mitre org>
Date: Mon, 10 Nov 2008 13:04:40 -0500 (EST)
====================================================== Name: CVE-2008-5031 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031 Reference: MLIST:[oss-security] 20081105 CVE Request - Python string expandtabs Reference: URL:http://www.openwall.com/lists/oss-security/2008/11/05/2 Reference: MLIST:[oss-security] 20081105 Re: CVE Request - Python string expandtabs Reference: URL:http://www.openwall.com/lists/oss-security/2008/11/05/3 Reference: MISC:http://scary.beasts.org/security/CESA-2008-008.html Reference: CONFIRM:http://svn.python.org/view/python/trunk/Objects/stringobject.c?rev=61350&view=diff&r1=61350&r2=61349&p1=python/trunk/Objects/stringobject.c&p2=/python/trunk/Objects/stringobject.c Reference: CONFIRM:http://svn.python.org/view/python/trunk/Objects/unicodeobject.c?rev=61350&view=diff&r1=61350&r2=61349&p1=python/trunk/Objects/unicodeobject.c&p2=/python/trunk/Objects/unicodeobject.c Reference: CONFIRM:http://svn.python.org/view?rev=61350&view=rev Multiple integer overflows in Python 2.5.2 allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. NOTE: this vulnerability reportedly exists because of an incomplete fix for CVE-2008-2315.
Current thread:
- CVE Request - Python string expandtabs Jan Lieskovsky (Nov 05)
- Re: CVE Request - Python string expandtabs Chris Evans (Nov 05)
- Re: CVE Request - Python string expandtabs Steven M. Christey (Nov 10)
- <Possible follow-ups>
- Re: CVE request - Python string expandtabs Will Drewry (Nov 10)
- Re: CVE Request - Python string expandtabs Chris Evans (Nov 05)