Description

Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. NOTE: this vulnerability reportedly exists because of an incomplete fix for CVE-2008-2315.

Remediation

References

CVE-2008-5031

Related Vulnerabilities

Oracle Application Server Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-0586)

Oracle JRE CVE-2013-0424 Vulnerability (CVE-2013-0424)

WordPress Plugin WP DSGVO Tools (GDPR) Cross-Site Request Forgery (2.2.18)

RubyGems Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-0899)

WordPress Plugin WP-Recall-Registration, Profile, Commerce & More Cross-Site Scripting (16.24.47)

Severity

Critical

Classification

CVE-2008-5031

Tags

Missing Update Known Vulnerabilities