Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. NOTE: this vulnerability reportedly exists because of an incomplete fix for CVE-2008-2315.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Python | Python | 2.5.1 | 2.5.1 |
Python | Python | 2.4.6 | 2.4.6 |
Python | Python | 2.2.3 | 2.2.3 |
Python | Python | 2.3.7 | 2.3.7 |