Description
Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of certain integer values is also affected by related integer underflows and an off-by-one error.
Remediation
References