Description

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.

Remediation

References

CVE-2010-2089

Related Vulnerabilities

WordPress Plugin pipdig Power pack (p3) Backdoor (4.7.3)

Java Unspesificed Vulnerability (CVE-2019-2766)

MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-30152)

PHP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2013-1824)

WordPress Plugin Woocommerce CSV importer Unspecified Vulnerability (3.4.0)

Severity

Medium

Classification

CVE-2010-2089 CWE-119

Tags

Missing Update Known Vulnerabilities