Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. NOTE: this vulnerability reportedly exists because of an incomplete fix for CVE-2008-2315.

Name | Vendor | Start Version | End Version |
---|---|---|---|
Python | Python | 2.2.3 (including) | 2.2.3 (including) |
Python | Python | 2.3.7 (including) | 2.3.7 (including) |
Python | Python | 2.4.6 (including) | 2.4.6 (including) |
Python | Python | 2.5.1 (including) | 2.5.1 (including) |
Red Hat Enterprise Linux 3 | RedHat | python-0:2.2.3-6.11 | * |
Red Hat Enterprise Linux 4 | RedHat | python-0:2.3.4-14.7.el4_8.2 | * |
Red Hat Enterprise Linux 5 | RedHat | python-0:2.4.3-24.el5_3.6 | * |
Python2.4 | Ubuntu | dapper | * |
Python2.4 | Ubuntu | hardy | * |
Python2.4 | Ubuntu | intrepid | * |
Python2.4 | Ubuntu | upstream | * |
Python2.5 | Ubuntu | gutsy | * |