Description
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination.
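The sizing rule behind this class of bug, as an added example (not the code from Modules/_localemodule.c): `strxfrm` returns the transformed length without the terminator, so a buffer of `cap` bytes holds a complete, NUL-terminated result only when the return value is strictly less than `cap`. The helper names `xfrm_fits` and `xfrm_dup` and the sample string are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* strxfrm() returns the transformed length WITHOUT the terminator, so the
 * output is complete and NUL-terminated only when ret < cap (not ret <= cap). */
static int xfrm_fits(size_t ret, size_t cap) { return ret < cap; }

/* Hypothetical helper: returns a malloc'd, NUL-terminated transformed copy of
 * src (length in *out_len), or NULL on failure. initial_cap is the first guess. */
char *xfrm_dup(const char *src, size_t initial_cap, size_t *out_len)
{
    size_t cap = initial_cap ? initial_cap : 1;
    char *buf = malloc(cap);
    if (buf == NULL)
        return NULL;

    size_t ret = strxfrm(buf, src, cap);
    if (!xfrm_fits(ret, cap)) {
        /* The off-by-one class: growing only when ret > cap, or allocating
         * ret bytes, leaves no room for the terminator when ret == cap. */
        if (ret == SIZE_MAX) { free(buf); return NULL; }
        cap = ret + 1;
        char *tmp = realloc(buf, cap);
        if (tmp == NULL) { free(buf); return NULL; }
        buf = tmp;
        ret = strxfrm(buf, src, cap);
        if (!xfrm_fits(ret, cap)) { free(buf); return NULL; }
    }
    *out_len = ret;
    return buf;
}

int main(void)
{
    const char *s = "hello world";        /* constructed sample input */
    size_t n = 0;
    char *p = xfrm_dup(s, strlen(s), &n); /* boundary: guess == length */
    if (p == NULL)
        return 1;
    printf("len=%zu terminated=%d\n", n, p[n] == '\0');
    free(p);
    return 0;
}
```

The call in `main` deliberately passes an initial capacity equal to the string length, the boundary where a `ret > cap` check would skip the regrow and return an unterminated buffer.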
Remediation
References