Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2008-04-18T17:00:00
Updated: 2024-08-07T08:40:59.882Z
Reserved: 2008-04-18T00:00:00
Link: CVE-2008-1887
Vulnrichment
No data.
NVD
Status : Modified
Published: 2008-04-18T17:05:00.000
Modified: 2024-11-21T00:45:35.183
Link: CVE-2008-1887
Redhat